Security issues that must be addressed by Visual Basic. NET and Visual C #. NET programmers
Robin Renault-Haertle
Visual Studio Team
Microsoft Corporation
January 2002
Abstract: This article focuses on the main security issues that need to be addressed when Visual Basic. NET and Visual C #. NET developers start to use the. NET Framework. This overview discusses Windows and Web applications, as well as the implementation, debugging, and deployment phases of the development process.
This article applies to the final versions of Visual Studio. NET and. NET frameworks. If you are using a prerelease version, the running of the application may be slightly different from that discussed in this article.
Directory introduction code access security fully trust part development and testing of trusted environments other resources Web applications dynamically discover identity verification, simulate and delegate ASPNET process identifiers protect file resources when running under the ASPNET identity to debug Visual Studio. summary of security mechanisms in the. NET development environment
Compared with earlier versions of Visual Studio, Microsoft® Visual Studio®. NET provides better security control for application running .. The. NET Framework provides more control and requires you to take on more programming responsibilities. When creating friendly and easy-to-use applications for users, you need to solve some security problems.
Generally, security issues need to be resolved in the following three situations: the user running your application may deny the permission of the application, because the application runs at a specified location, this user is denied access to certain system resources. For example, you can deny the file permissions of all applications stored on the network drive by configuring the Common Language Runtime. You should pay attention to this issue when writing the code, and write the code to make an appropriate response to this rejection.
Users who access Web applications from your Web server must be prevented from running malicious code or damaging data on the server.
Visual Studio makes the server more or less vulnerable to malicious code attacks.
Code Access Security
Code access security is a system of the. NET Framework. It controls resource access by controlling code execution. This security function is independent of the security provided by the operating system and supplements the security provided by the operating system. When a user runs your application, the application will be allocated to one of the five regions during the. NET public language runtime. These five areas are: My computer-applications on the user's computer.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.
