Women in Technology

Hear us Roar



Article:
  Understanding .NET Permissions: Where Did That Permission Come From?
Subject:   More insecurity
Date:   2003-02-19 06:16:50
From:   ffmike
Response to: More insecurity

I don't think I quite understand what you're getting at. Certainly the tools for validating the permissions requested are there in the .NET Framework SDK, which anyone can download. But the notion of the "average end-user" checking security permissions strikes me as rather bizarre. For the average end-user, I think a better strategy is for the platform to set reasonable defaults. .NET certainly takes a shot at this by locking out code that's not running from a trusted drive on your own computer by default.


Perhaps I'd understand better if you supplied a scenario where the .NET security system actually amounts to a security hole.