Home All Groups Group Topic Archive Search About

.NET Security

microsoft.public.dotnet.security
Score On sandboxes, and why you should care
Dinis Cruz - 31 Mar 2006 10:50 PM - 2 messages
Here is a post I did to the webappsec mailing list which I is very relevant to this newsgroups. I also very interested if your comments about this issue. Dinis -------- Original Message -------- Subject:     On sandboxes, and why you should care ...
Score Encrypting connection strings across dev environment
Becky VanBruggen - 31 Mar 2006 2:35 PM - 4 messages
I'm in the process of trying to create a template ASP.NET 2.0 web site for all the developers in my group. I'd like to encrypt the connection strings for commonly used databases and put them in every developer's machine.config ...
Score Gracefully stopping a .NET 2 app on .NET 1.1 fcl system
Mitch Gallant - 31 Mar 2006 12:41 PM - 6 messages
*Without* using a deployment/setup project, is there a graceful way of stopping a .NET 2 app. at start of execution on a .NET 1.1 fcl system? (or is it best just ot let the CLR (or PE .. CLR invoker) inform you ? ...
Score file permission on Windows 2003
beachboy - 31 Mar 2006 8:47 AM - 4 messages
i am writing a code for export data to excel, it is working smooth on windows 2000 platform. After I upload to windows 2003 server, FileInfo object always has problem: the FileInfo object can't access and always return "Access is denied" ...
Score Best practice SecureString and pswd collection
Mitch Gallant - 30 Mar 2006 1:49 PM - 13 messages
Using .NET 2 managed code only, what is the best that can be done security-wise in collecting a password from the user (as console or some pswd control dialog) and passing to a function (like X509Certificate.Import) which can accept a SecureString? ...
Score VB.NET Role-Based Access
Sauny - 30 Mar 2006 11:19 AM - 6 messages
Hi all, Am trying to implement some security on my program.  This program will be run on a number of machines across the globe.  I have created a number of user groups which contain the access priveleges of the ...
Score Can I tell if a user came thru a secure site?
Sega - 30 Mar 2006 3:25 AM - 11 messages
My web app is not on a secure server. However, before getting to my app,  a user is supposed to logon thru a secure server.  Is there any way to tell that the user has been approved and  is coming from the secure site rather ...
Score Windows Service reg key access fails
John A Grandy - 29 Mar 2006 10:27 PM - 2 messages
I've built a .net 2.0 Windows Service that accesses a Registry key shortly after startup. On one XP Pro SP2 I build the service and referenced libs, deploys the servie, starts it up, and it runs fine. I transfer the service and libs to another XP Pro SP2 box , deploys it , ...
Score RSACryptoServiceProvider functioning differently in 2005 (vs.2003)
mfroman - 29 Mar 2006 8:48 PM - 3 messages
The following code works fine in VS2003 (.Net 1.1).  However, in VS2005 (.Net 2.0) it throws a "Bad Data" exception on the decrypt line! (Although this example may seem pointless, it is just the pertinant lines from larger source code. It was consolidated to highlight the error). ...
Score SecurityPermission problem
Itay Sandbank - 29 Mar 2006 2:26 PM - 4 messages
Hi.   I'm trying to understand how to use CAS, and found something strange. I'm trying to deny my program of a few permissions to see what happens. I created a small program that creates the file c:\hello.txt and exits: ...
Score Strange problem with X509Certificate2 on Windows 2003
mira@utia.cas.cz - 29 Mar 2006 1:37 PM - 7 messages
Hi, I am loading a private .pfx key using the X509Certificate2 class by the following line X509Certificate2 x509 = new X509Certificate2(PrivateKeyFile, PrivateKeyPassword); where PrivateKeyFile and PrivateKeyPassword are strings. This perfectly works on my computer with windows XP home and Visual Web ...
Score Security issue running unmanaged code in a win form ctrl hosted in
Filippo Bettinaglio - 29 Mar 2006 10:49 AM - 4 messages
Security problem running unmanaged code (.ocx control) in a windows from control hosted in IE6 Hi, I have design a  windows from control which contain a .OCX in one of its forms. Component developed in C#2005   --------   .NET2 ...
Score How to troubleshoot 401 error when connecting using NetworkCredent
Joe - 29 Mar 2006 7:22 AM - 13 messages
Reposting here as no reply on the remoting NG or on the remoting forum: also it's not specifically related to remoting as I get exactly the same result when connecting to a WebService hosted in IIS. Original post is here: ...
Score Trying to grant full trust..... (.NET 2.0)
Lloyd Dupont - 29 Mar 2006 3:22 AM - 4 messages
I have written an application which I have "installed" (copied) in a shared directory on some remote computer. Now I'm trying to run this application but I get plenty of SecurityException all over the places. I'm trying to use mscorcfg to grant full trust to the application, but that ...
Score .NET app on a shared directory.
Lloyd Dupont - 29 Mar 2006 1:52 AM - 11 messages
I have written a .NET application which does heavy use of interop (through ManagedC++). It works allright. Now someone askedme if it works when installed in a shared directory. So I'm testing, installed the application on a remote computer, in a shared ...
Score Using SSPI with Custom Authentication
anonymous - 28 Mar 2006 11:46 PM - 2 messages
I'm currently working on a system that is made up of multiple Databases.  The first database contains all of the user information; such as UerName, password (stored as  a hash) etc...  The other databases are used to provide ...
Score Custom Security
source - 28 Mar 2006 9:33 PM - 2 messages
Is there a tutorial to create custom permissions and deploy/import it in Visual Studio IDE source ...
Score Passwords and SecureString
dsellers - 28 Mar 2006 7:39 PM - 2 messages
I am building a generic Password object for my application and I am thinking of using an instance of SecureString as the backing value for the Password Instance. However, in order to compare it I have to serialize it to a string. ...
Score if I encrypt key data why do I want or need SSL?
Rob R. Ainscough - 28 Mar 2006 4:46 PM - 13 messages
Just curious why people freak out about not having SSL and/or having a SQL Server port 1433 open. If I do the following why do I care about SSL or port 1433? 1.  40 character passwords for all SQL accounts ...
Score Alternative to APTCA AllowPartiallyTrustedCallersAttribute?
Gary F. - 28 Mar 2006 3:12 AM - 4 messages
So I have the following situation: 0. I have a web app in an intranet setting. 1. I have a .Net 2.0 user control that i want to embed/host in IE. 2. It relies on a 3rd-party COM dll. ...
Score how to secure a .getstring result containing html..
Paul - 27 Mar 2006 8:24 PM - 3 messages
I am working with some existing code that creates a table in part by using the .getString method of a dataset to put <td><tr>, etc. into the returned data as in the following VB.Net example:     ...
Score How to encrypt a string with ProtectedData (.NET 2.0)
Zemp Dominik - 27 Mar 2006 1:01 PM - 5 messages
Hi How can I encrypt a string with the new ProtectedData class in the .NET Framework 2.0? I have an example, but I receive always a 㣊 as output?!? Here's my code:         Dim plainBytes As Byte() ...
Score Rights to get Data for Crystal reports
den 2005 - 27 Mar 2006 2:37 AM - 4 messages
Hi everybody,    When I place data field into crystal report and then run the web application, it causes error with a message: Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about ...
Score JavaScience CD versus book
Mitch Gallant - 27 Mar 2006 12:08 AM - 4 messages
As some of you may have noticed, the JavaScience web site is now offline (except for a basic home page). It has been suggested to me that I should author (or co-author) a book on the material therein (probably an "Interop Cookbook" type of publication). ...
Next » 2 3 4 5 6 7 8 9 10