Disabling the FIPS Algorithm Check

.NET 2.0 introduced a check for FIPS certified algorithms if your local security policy was configured to require them.  This resulted in algorithms which are not FIPS compliant (or implementations which were not FIPS certified) throwing an InvalidOperationException from their constructors. In some cases this isn’t a desirable behavior.  For instance, some applications need to…

4

Which Groups Does WindowsIdentity.Groups Return?

WindowsIdentity exposes a Groups property which returns a collection of IdentityReferences for the groups that a particular user is a member of.  However, if you look closely, you’ll find that these returned groups won’t necessarily include all of the groups that the user is a member of. Under the covers, WindowsIdentity populates the groups collection…

1

Using the MMC Snap-In to Configure 64 Bit CAS Policy

The .NET Framework SDK ships with a MMC Snap-In which enables you to, among other things, avoid using caspol to modify your local security policy. Since each runtime installed on your machine has independent security policy, the MMC Snap-In will only modify policy for the version of the CLR it is running against, and you may need to have…

1

Kenny Kerr Explores UAC

Kenny Kerr, one of our Security MVPs, has updated his Windows Vista for Developers series with Part4 – User Account Control.  Kenny takes an in-depth look at what UAC means for developers and covers areas that a lot of other sources don’t touch on, such as integrety levels.  This is absolutely worth a read once…

0

Adding a UAC Manifest to Managed Code

The UAC feature of Vista is one of my favorite new features — it really makes running as a non-admin much less painful than it has been in the past.  One of the requirements that UAC puts on developers is that we must mark our applications with manifests which declare if the application would like…

12

Return of the Mailbag

Over the last week or so I’ve seen a few questions pop up multiple times.  In no particular order: Q: Is calling a virtual method with a non-virtual call verifiable? A: It depends 🙂  In v1.x of the CLR this was verifiable.  We made a change in v2.0 which disallows a non-virtual call to a…

1

Impersonation and Exception Filters in v2.0

A while back, I wrote about a potential security hole when malicious code can set up an exception filter before calling your code which does impersonation. In the final release of v2.0, we’ve added a feature to help mitigate this problem.  The CLR records that you’ve begun impersonation on the stack frame where you make the…

8

UAC Policy Settings

The new UAC blog (formerly LUA, formerly UAP) has up a good post on the six security policy settings that have been introduced to control how UAC works.  As the Vista betas start coming out and people can start to play with UAC, knowing that some of these knobs are available can certainly be helpful. I’ve…

0

PrincipalPermission and Finalizers

Nicole Calinoiu, one of our developer security MVPs, has just posted a good description of the problems that occur when using PrincipalPermission with impersonation and finalizers.  The key thing to take away from this is that impersonation occurs on a per-thread basis and finalizers run on a thread that the GC controls, not on the…

3

Mike Rousos on Registry Security

Over the weekend, Mike Rousos (a BCL tester who’s been temporarily drafted onto the security team) posted an interesting piece about the new BCL registry security support on the BCL blog.  While the title mentions RegistryPermission, the post is actually about the NT security features of the registry classes rather than CAS permissions.  Mike covers…

2