My blog has moved and can now be found at http://blog.aniljohn.com

No action is needed on your part if you are already subscribed to this blog via e-mail or its syndication feed.

Wednesday, March 24, 2004
« Best Practice Guide for Securing Active ... | Main | CIS Benchmark and Scoring Tool for Windo... »

Keith Brown has a new MSDN Magazine Security Brief that discusses the implications of fully trusted code. [1]

His conclusion is thought provoking to say the least - "The goal of this column was to demonstrate that many of the security features of the CLR can only be enforced in a partial-trust environment. While the notion of full trust might seem obvious to some, I've reviewed plenty of designs that make assumptions about CLR security that simply don't fly in a full trust scenario. If you compare the CLR's built-in security to Windows built-in security, running with full trust is akin to running as SYSTEM. Fully trusted code can get around all of the CLR's built-in security features. That's why it's called fully trusted—it must be trusted to do the right thing. SYSTEM can get around any security constraint in Windows, which is why code running as SYSTEM must be trusted."

[1] http://msdn.microsoft.com/msdnmag/issues/04/04/SecurityBriefs/

 

Tags:: Security
3/24/2004 3:48 PM Eastern Standard Time  |  Comments [0]  |  Disclaimer  |  Permalink   
Comments are closed.