If you want to see an example of the horrendous consequences of unverifiable code, go to
http://staff.develop.com/candera/clrversion.htm This bug still exists in both the C# and VB.NET compilers - and I consider it a very serious one that many people are going to run into. > -----Original Message----- > From: Moderated discussion of advanced .NET topics. [mailto:ADVANCED- > [EMAIL PROTECTED]] On Behalf Of Stoyan Damov > Sent: Monday, September 16, 2002 9:38 AM > To: [EMAIL PROTECTED] > Subject: Re: [ADVANCED-DOTNET] CAS: what's the diff between FullTrust and > Everything permission sets? > > Hi Jeroen, > > OK, it seems I've missed something, but I just tried to answer the > question "why SkipVerification is considered more dangerous than > UnmanagedCode?" and I'll add just one thing to my previous reply: > Microsoft test if their compilers (C# and VB.NET, I know they don't do > such tests on MC++) produce verifiable code. What is verifiable I don't > know. I just know, that if either compiler fail to produce such code, MS > take that as a severe bug and fix the compiler. So it is obvious that > unverifiable code (similar to unverified code) can do something very > dangerous, whatever it may be. I'm not familiar with Rotor as much as I > wish, so I can't say anything more. > > And "why SkipVerification is not included in Everything" is a question > which could be answered by some Microsoft guy, paying attention to this > list. > > Stoyan > > > -----Original Message----- > From: Jeroen Frijters [mailto:[EMAIL PROTECTED]] > Sent: Monday, September 16, 2002 2:07 PM > To: [EMAIL PROTECTED] > Subject: Re: [ADVANCED-DOTNET] CAS: what's the diff between FullTrust > and Everything permission sets? > > > I have said this before, but I will say it again. From a security > standpoint there is *no* difference between allowing code to skip > verification or to call unmanaged code. If code has either of these two > permissions, it can do whatever it wants on your system (limited, of > course, by the rights of the user that runs the process). > > I don't think there is any good reason why SkipVerification is not > included in Everything. > > BTW, there are more permissions that effectively give you full control > over the system. > > Regards, > Jeroen > > > -----Original Message----- > > From: Moderated discussion of advanced .NET topics. > > [mailto:[EMAIL PROTECTED]] On Behalf Of Stoyan Damov > > Sent: Monday, September 16, 2002 10:51 > > To: [EMAIL PROTECTED] > > Subject: Re: [ADVANCED-DOTNET] CAS: what's the diff between FullTrust > > and Everything permission sets? > > > > > > If you use unmanaged code, you're in control -- you can do whatever > > you wish. You can or cannot do harm, it's your call. > > Skipping verification means that the JITCompiler function in > > MSCorEE.dll > > (Microsoft Component Object Runtime Execution Engine) will not verify > > the IL code before it translates it into the target CPU architecture's > > assembly instructions and execute it. This will eventually > > skip to check > > the security permissions of the code, so it is the machine's > > administrator responsibility to uncheck this option in the .NET > > framework configuration MMC console. > > > > Does this help? > > > > Stoyan Damov > > > > P.S. Read Jeffrey Richter's book for better explanation. > > > > > > > > -----Original Message----- > > From: Shawn A. Van Ness [mailto:[EMAIL PROTECTED]] > > Sent: Monday, September 16, 2002 8:59 AM > > To: [EMAIL PROTECTED] > > Subject: Re: [ADVANCED-DOTNET] CAS: what's the diff between FullTrust > > and Everything permission sets? > > > > > > Umm... yes, Valery -- that was part of my original question (still > > unanswered). Does anyone know why SkipVerification is considered more > > > dangerous than UnmanagedCode? > > > > > 2) Why doesn't the Everything permset include the SkipVerification > > > permission? Isn't UnmanagedCode more dangerous than > > SkipVerification? > > > > -S > > > > > > On Wed, 4 Sep 2002 10:19:59 +0200, Valery Pryamikov > > <[EMAIL PROTECTED]> wrote: > > > > >Just in addition to previous posts to this thread: > > > > > >Everything PS is a set of standard permissions without skip > > >verification (which is not allowed by default Everything PS). > > > > > >-Valery. > > > > > >You can read messages from the Advanced DOTNET archive, unsubscribe > > >from Advanced DOTNET, or subscribe to other DevelopMentor lists at > > >http://discuss.develop.com. > > > > You can read messages from the Advanced DOTNET archive, unsubscribe > > from Advanced DOTNET, or subscribe to other DevelopMentor lists at > > http://discuss.develop.com. > > > > You can read messages from the Advanced DOTNET archive, unsubscribe > > from Advanced DOTNET, or subscribe to other DevelopMentor lists at > > http://discuss.develop.com. > > > > You can read messages from the Advanced DOTNET archive, unsubscribe from > Advanced DOTNET, or subscribe to other DevelopMentor lists at > http://discuss.develop.com. > > You can read messages from the Advanced DOTNET archive, unsubscribe from > Advanced DOTNET, or > subscribe to other DevelopMentor lists at http://discuss.develop.com. You can read messages from the Advanced DOTNET archive, unsubscribe from Advanced DOTNET, or subscribe to other DevelopMentor lists at http://discuss.develop.com.
