Re: Is there dynamic authorization in IE and .NET?
From: Marcelo J. Birnbach (mbirnbac@online.microsoft.com)
Date: 02/13/03
- Next message: Marcelo J. Birnbach: "Re: Okay.. what is going on here .. Security error?"
- Previous message: Marcelo J. Birnbach: "Re: Security exception"
- In reply to: Hisashi Kojima: "Re: Is there dynamic authorization in IE and .NET?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Marcelo J. Birnbach" <mbirnbac@online.microsoft.com> Date: Thu, 13 Feb 2003 13:44:12 -0800
Our current security system tries to not rely on user decisions during
run-time, else it works using the security policy instaled in the user
machine.
However, in Everett we added a Message Box to ask the user if he/she wants
to run a managed control in the first time it's loaded. This can be avoided
though by signing the control with a valid certificate.
BTW, the DEFAULT security policy works as follows:
in V1 (3705): Internet runs with Internet permision set
in V1 SP1 : Internet has NOTHING, so by default you can't run any code
coming from the internet
in V1.1 : Internet runs with Internet permision set
"Hisashi Kojima" <hisashi@mail2.alpha-net.ne.jp> wrote in message
news:uiVaG5QwCHA.1628@TK2MSFTNGP10...
> Hi mike
>
> > I think that Authticode is back in for v1.1.
>
> That will be right.
>
> > also, other ways ive seen is to make a .msi that sets up the security
> > policy. then the user downloads and runs the msi, which grants
permission
> > to whatever needed.
>
> My understanding seems to be insufficient... I am going to examine and try
> such technologies's details.
>
> Thank you for valuable informations.
>
> --
> hisashi
>
- Next message: Marcelo J. Birnbach: "Re: Okay.. what is going on here .. Security error?"
- Previous message: Marcelo J. Birnbach: "Re: Security exception"
- In reply to: Hisashi Kojima: "Re: Is there dynamic authorization in IE and .NET?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
