book

.NET Framework Security

by Brian A. LaMacchia, Sebastian Lange, Matthew Lyons, Rudi Martin, Kevin T. Price

April 2002

Intermediate to advanced

816 pages

20h 56m

English

Addison-Wesley Professional

Read now

Unlock full access

Content preview from .NET Framework Security

Modifying a Stack Walk

So, say the author of MyDatabase comes along and, having read all about good security practices, rewrites BackupDatabase to be secure. The filename parameter is removed and the backup is written to a known location controlled solely by the MyDatabase assembly, with no input from external sources.

The security demand will still fail, if the caller of BackupDatabase is untrusted to write whatever file the underlying implementation is using. This is probably not the intended effect; the author of BackupDatabase wants to write the backup on behalf of the user, even if that user is otherwise untrusted. This is where the stack walk modification operators come in.

These operations (Assert, Deny, and PermitOnly) are methods defined ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Start your free trial

Publisher Resources

ISBN: 067232184XPurchase book

.NET Framework Security

by Brian A. LaMacchia, Sebastian Lange, Matthew Lyons, Rudi Martin, Kevin T. Price

Modifying a Stack Walk

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

You might also like

Programming .NET Security

Pro C# 7: With .NET and .NET Core

.Net Framework Essentials

The .NET Developer's Guide to Windows Security

Publisher Resources