I've heard of security features in the framework and the BCL, but does this have anything to do with preventing malicious programmers from writing harmful software, or preventing malware from running on the CLR? For example, is it possible to write a program in C# that makes harmful changes to the Windows folder?
+10
A:
Absolutely, especially if that application is given a high amount of trust. That's what the trust levels in .NET do.
Check out the article on Code Access Security on MSDN for more information.
Also check out Keith Brown's excellent book on .NET Security, which you can read online.
Dave Markle
2009-02-07 22:01:27
Thanks a lot, this is indeed good stuff.
M4dRefluX
2009-02-07 22:07:41
+2
A:
It certainly is. Previous job we created a windows forms interface for a a few beckhoff plc controllers. On of my collegues managed to kill one of the windows servers with the help of WCF and some seriously bad coding or it could be beckhoffs fault.
That can be what you get for running an application with full rights.
mhenrixon
2009-02-08 02:14:23