PDC and Future Security
From the MSDN “General Articles” Section: Using the Emulator in Smart Device Projects.
Administrator permissions lacking It is unlikely in practice that Visual Studio users do not have Administrator permissions. However, if this is the case, ask a user with Administrator permissions to log on to the development computer and deploy the emulator using either of the two preceding procedures.
I wonder just how many of us have either tried giving ourselves limited permissions and give up due to frustration, or how many have just always used Administrator as their everyday user (yes, this includes UserXYZ who's a member of the Administrators group).
MS needs to retool how user/program permissions work. This should be transparent, and I'm not talking about the “Run As...” command. I recall seeing someone post a bug where “Run As...” cleared out their favorites. I'm talking no user-switching-necessary, application permissions, a-la-.net. I can't wait to see what new security features will be rolled out / described at the PDC.
Here are the sessions which I feel may best address this issue:
ASP.NET Security Best Practices to Protect Against Hacker Attacks (Erik Olson)
*CLR Under the Covers: .Net Framework Application Security (Ivan Medvedev, Sebastian Lange)
Security Panel: What's Next? Directions in Security. (Carl Ellison, Chris Wysopal, Howard Schmidt, James Hamilton, Jason Garms)
*This one looks really fun...it talks about “a new application identity based security and deployment model” ...this is a direction I can appreciate! Now if only it could work for individual instances of an application as well....