Role based security flaw?



Hi all,

I'm implementing role based security, but I keep having this nagging
feeling that it may not be as secure.

Using role based security to classes / methods, what's to stop a
malicious client from creating their own principal that answers yes to
every IsInRole call? What should I watch for to prevent this? Limit
the principal to certain types (WindowsPrincipal, my custom one, etc)?

Thanks
Andy
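
The type restriction asked about above, sketched in C# as an added example that is not part of the original post. `YesPrincipal`, `AppPrincipal` and `RoleGuard` are hypothetical names, and the allow-list contents are an assumption.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Principal;

// Constructed for illustration: the principal the post worries about.
sealed class YesPrincipal : IPrincipal
{
    public IIdentity Identity { get { return new GenericIdentity("anyone"); } }
    public bool IsInRole(string role) { return true; }
}

// Hypothetical application principal: sealed, with an internal constructor,
// so code outside this assembly cannot subclass or construct it.
sealed class AppPrincipal : IPrincipal
{
    readonly HashSet<string> roles;
    readonly IIdentity identity;
    internal AppPrincipal(string name, params string[] roles)
    {
        identity = new GenericIdentity(name);
        this.roles = new HashSet<string>(roles);
    }
    public IIdentity Identity { get { return identity; } }
    public bool IsInRole(string role) { return roles.Contains(role); }
}

static class RoleGuard
{
    // Hypothetical allow-list of principal implementations the application trusts.
    static readonly Type[] Trusted = { typeof(WindowsPrincipal), typeof(AppPrincipal) };

    public static bool IsAllowed(IPrincipal principal, string role)
    {
        // Exact type match: an "is" test would also accept a subclass of
        // WindowsPrincipal that overrides its virtual IsInRole method.
        if (principal == null || Array.IndexOf(Trusted, principal.GetType()) < 0)
            return false;
        return principal.IsInRole(role);
    }
}

static class Program
{
    static void Main()
    {
        Console.WriteLine(RoleGuard.IsAllowed(new AppPrincipal("alice", "Admin"), "Admin"));
        Console.WriteLine(RoleGuard.IsAllowed(new YesPrincipal(), "Admin"));
    }
}
```

The type check only establishes which implementation answers `IsInRole`; it assumes the principal object was created and supplied by code the application trusts.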
