Women in Technology

Hear us Roar


Article:
  Understanding .NET Permissions: Where Did That Permission Come From?
Subject:   More insecurity
Date:   2003-02-18 16:57:28
From:   anonymous2
Until the average end-user has sufficient utility or tools to validate the permission settings of tons of .NET objects, this is just one more gigantic security hole awaiting to be deployed.


No thanks.
Full Threads Oldest First

Showing messages 1 through 1 of 1.

  • More insecurity
    2003-02-19 06:16:50  ffmike [View]

    I don't think I quite understand what you're getting at. Certainly the tools for validating the permissions requested are there in the .NET Framework SDK, which anyone can download. But the notion of the "average end-user" checking security permissions strikes me as rather bizarre. For the average end-user, I think a better strategy is for the platform to set reasonable defaults. .NET certainly takes a shot at this by locking out code that's not running from a trusted drive on your own computer by default.

    Perhaps I'd understand better if you supplied a scenario where the .NET security system actually amounts to a security hole.

Recommended for You
 
Sign up today to receive special discounts,
product alerts, and news from O'Reilly.
Privacy Policy >
View Sample Newsletter >