 |
 |
| ActiveWin | Anonymous | Create a User | Reviews | News | Forums | Advertise | VBA in Excel | Users Online: 0 |
|
|
|
|
|
User Controls |
|
New User |
|
Login |
|
Edit/View My Profile |
|
|
|
|
|
|
|
Active Network |
|
ActiveMac |
|
ActiveWin |
|
ActiveXbox |
|
DirectX |
|
Downloads |
|
FAQs |
|
Interviews |
|
MS Games & Hardware |
|
Reviews |
|
Rocky Bytes |
|
Support Center |
|
TopTechTips |
|
Windows 2000 |
|
Windows Me |
|
Windows Server 2003 |
|
Windows Vista |
|
Windows XP |
|
|
|
|
|
|
|
News Centers |
|
Windows/Microsoft |
|
Apple/Mac |
|
Xbox/Xbox 360 |
|
News Search |
|
XML/RSS Newsfeeds |
|
Pocket PC Site |
|
|
|
|
|
|
|
FAQ's |
|
Windows Vista |
|
Windows 98/98 SE |
|
Windows 2000 |
|
Windows Me |
|
Windows Server 2003 |
|
Windows XP |
|
Windows 7 |
|
Windows 8 |
|
Internet Explorer 6 |
|
Internet Explorer 5 |
|
Xbox 360 |
|
Xbox |
|
DirectX |
|
DVD's |
|
|
|
|
|
|
|
Latest Reviews |
|
Xbox/Games |
|
Fable 2 |
|
|
|
Applications |
|
Windows Server 2008 R2 |
|
Windows 7 |
|
Adobe CS5 Master Collection |
|
|
|
Hardware |
|
Microsoft Express Mouse |
|
|
|
|
|
|
|
Latest Interviews |
|
Mike Swanson |
|
|
|
|
|
|
|
Site News/Info |
|
About This Site |
|
Advertise |
|
Affiliates |
|
Contact Us |
|
Default Home Page |
|
Link To Us |
 |
Beware of Fully Trusted Code | |
|
||
| Time: 00:00 EST/05:00 GMT | News Source: Microsoft | Posted By: Robert Stein | ||
|
The vast majority of managed applications run with full trust, but based on my experience teaching .NET security to developers with a broad range of experience, most really don't understand the implications of fully trusted code. So I've pulled together a number of examples where fully trusted code can skirt around common language runtime (CLR) security features, starting each with a question that seems to have an obvious answer. |
||
|
Read Only Comments Return to News |
Displaying Comments 1 through 1 of 1 |
This is an archived static copy of ActiveWin.com. |
| #1 By 2332 (65.221.182.2) at Friday, April 09, 2004 09:37:15 AM |
|
#1 - However leaving the choice of how much to trust an application to the user seems most sensible.
No, it doesn't. Leaving a choice up to somebody who almost certainly has no clue what they're doing is probably not the best choice. Why do you think spyware is so rampant? It's because when users see the ActiveX prompt, the almost invariably click "yes". The choice for how much to trust an application should first be left up to the administrator of the system. It should be controlled by policy set ahead of time. The user should never see a prompt asking them if they want to run in "full trust" mode. Instead, it should simply say "the application could not be run because it requires a greater level of permissions than what it has been granted." Only then could a user go and modify their security policy to allow that application to run. Since most users are clueless, they will not be able to do this. It's better to prevent a application from running than it is to open a machine to attack by default. The way Palladium/NGSCB is designed, it does not make sense to use the word "trust," but rather "closed." It is a closed systaem which can only be accessed in authorized ways. NGSCB is a police state for the PC. How so? Granted, NGSCB is a way to allow for software and content publishers to be sure that software runs as they designed it to run. But it is also a way for users to determine exactly who has access to what information on their machine. NGSCB greatly improves the control owners have over their own data. That includes both software/content publishers and users. Just because it will prevent people from stealing online content or pirating software doesn't make it a police state. |
