Robert Hurlbut's Blog

Thoughts on .NET, Security, Architecture, Agility, and Databases.

This Blog

Syndication

Search

Go

Navigation

Archives

.Company / Other Sites / Other Blogs

Robert Hurlbut Consulting Services

.NET Links

WebLogs @ ASP.Net

.NET Local Boston Events

Boston Nerd Dinner

.NET User Groups in New England

Blogs - .NET

Blogs - Agile

Sam Gentile

Blogs - Architecture

Blogs - CLR

Blogs - Security

Blogs - SQL Server

Blogs - System.Transactions

Enterprise Services (COM+) Resources

A Roadmap to EnterpriseServices

Indigo Resources

WinFx Beta 1 RC SDK

Microsoft Security Resources

Presentation resources

Recommended Books

Rotor Resources

Security Resources

Understand the dangers of Fully Trusted Code

In my own research into .Net Security, one area I have explored is how to correctly set up Partial Trust websites with ASP.NET 1.1 and resources placed in “sandboxed” environments. One of the best resources I have found is the book Improving Web Application Security: Threats and Countermeasures from the Microsoft Patterns and Practices group.

For a quick introduction, Keith Brown has an excellent article in the April, 2004 issue of MSDN Magazine called “Beware of Fully Trusted Code”. Read this and understand the issues.

Published Friday, March 26, 2004 3:23 PM by RHurlbut

Filed under: ASP.NET, .NET, Security, CLR, Architecture/Patterns

Comments

No Comments