Robert Hurlbut Blog

Thoughts on Software Security, Software Architecture, Software Development, and Agility

Understand the dangers of Fully Trusted Code

Friday, March 26, 2004 Comments

 .NET  ArchitecturePatterns  ASP.NET  CLR  Security 
Share:   Share on LinkedIn    Share on Twitter    Share on Google+    Share on Facebook   

In my own research into .Net Security, one area I have explored is how to correctly set up Partial Trust websites with ASP.NET 1.1 and resources placed in “sandboxed” environments.  One of the best resources I have found is the book Improving Web Application Security: Threats and Countermeasures from the Microsoft Patterns and Practices group.

For a quick introduction, Keith Brown has an excellent article in the April, 2004 issue of MSDN Magazine called “Beware of Fully Trusted Code”.  Read this and understand the issues.

Share:   Share on LinkedIn    Share on Twitter    Share on Google+    Share on Facebook