Re: CAS -Security

From: Mary Chipman (mchip_at_online.microsoft.com)
Date: 07/04/04

• Next message: Michael Giagnocavo [MVP]: "Re: cleanup of data from memory"
• Previous message: Srini: "cleanup of data from memory"
• In reply to: Srini: "CAS -Security"
• Next in thread: Srini: "Re: CAS -Security"
• Reply: Srini: "Re: CAS -Security"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Sun, 04 Jul 2004 13:53:05 -0400

First of all, you have to go through the threat modeling process and
ask yourself what kind of attacks your application might be vulnerable
to. This link will help you get started:
http://msdn.microsoft.com/security/securecode/threatmodeling/default.aspx

--Mary

On Sat, 3 Jul 2004 15:16:01 -0700, "Srini"
<Srini@discussions.microsoft.com> wrote:

>I am using Role based security in my application. Is it necessary to use Code access security also? I am able to restrict the un-authorized users by using role based security.
>
>Are there any security issues, if I do not restrict the permissions that are given by .Net security framework to my assembly, by using Requestminimum, RequestOptional and RequestRefuse? I appreciate your help.
>
>Thanks.

---

• Next message: Michael Giagnocavo [MVP]: "Re: cleanup of data from memory"
• Previous message: Srini: "cleanup of data from memory"
• In reply to: Srini: "CAS -Security"
• Next in thread: Srini: "Re: CAS -Security"
• Reply: Srini: "Re: CAS -Security"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > microsoft.public.dotnet.security  > 2004-07