Browse by Tags

All Tags » Security (RSS)

New .NET 4.0 Security changes by HernanDL

You can take a look at the new v4.0 .NET Framework , and the changes that will be described in Shawn 's blog. Here are the two first of the series. - .NET 4.0 Security - Security Policy in the v4 CLR Stay tunned for more insightful info on this topic...
Filed under:

Run as different user in Vista by HernanDL

Very useful script for adding this feature back to Windows Vista in case the "Run as Administrator" may not fit your needs :) http://technet.microsoft.com/en-us/sysinternals/cc300361.aspx
Filed under:

X509 Certificate validation by HernanDL

Some time ago I was looking for some way to validate an X509 certificate and for my surprise I couldn't find any good method to do this pretty common task. I know that the X509Certificate2 class has a Verify method but is rather limited in terms of validation...
Filed under: ,

FxCop rules for securing WCF services by HernanDL

One of the coolest features (IMHO) that you will find in the september CTP version of the Web Service Software Factory project, in particular related to the WCF Security Guidance Package, is the new WCF Security Code Analysis feature. This new feature is basically a set of custom FxCop rules that are plugged into Visual Studio Static Analysis feature and have a couple of interesting things....
Filed under: , ,

WCF Security Guidance Package by HernanDL

After quit a long time of blogging silence and several months working in the redmondians “trenches”, I finally find some time to share my insights of this exciting project I’m currently collaborating. The May CTP of the Web Service Software Factory (as...

Patterns and Practices Security guru is blogging by HernanDL

J.D. Meier is the Patterns & Practices security guru and is now blogging. You may have read some of his many articles and how to’s on Security Guidance for .NET 2.0 . You will find that every of his posts follows the same level of insight and high...

Start a new Process as another user by HernanDL

On my last post User Credentials CommandDialog with SecureString password I showed an example on how to get the user credentials using a standard windows dialog and spawn a new process with those credentials. Now let’s assume that you want to get the...
Filed under:

User Credentials CommandDialog with SecureString password by HernanDL

Now that VS2005 and .NET 2.0 is on the street, I started to port some of my tools and projects from .NET 1.1. Since I was working on authentication in a Winform client application, one of the common scenarios is “credential gathering”. This is typically...
Filed under:

Permcalc tool and FullTrust issues by HernanDL

When I was performing a CAS analysis with the PermCalc tool on some assemblies that I expected to run under a zone with constrained permissions like “Intranet”, I came across a couple of interesting issues with this very helpful tool. There are two especially...
Filed under:

Bookmark these Security links from Patterns & Practices by HernanDL

Note : this entry has moved . This is an awesome collection of security links for your toolbox. If you already know the theory about engineering for security , then you may go straight to the meat and check it out these cool How Tos (for .NET v1.1 and...
More Posts Next page »