all groups > dotnet security > december 2004


How to set up the non-admin account to run Windows service
Posted by Use non-admin account to Run Win Service at 12/31/2004 2:55:02 PM
I know this question must have been brought up many times, but I really got confused by the previous posts. Here is my situation: I have a windows service developed on .Net framework. And my windows service needs to reach some resource on the domain, such as a SQL Server, so I have to use ...more >>


Re: WSE 2.0 Kerberostoken creation on IIS 5.0/win2k fails
Posted by Dominick Baier at 12/30/2004 1:59:38 PM
so how do you want to request a kerberos token if you are not a domain member ?? the asp.net worker process identity must be a domain account then. you can configure that in the <processmodel> element in machine.config. --- Dominick Baier - DevelopMentor http://www.leastprivilege.co...more >>

Proper use of IPrincipal
Posted by Robert Altland at 12/30/2004 8:07:04 AM
I'm using the Profile and Authorization Application Block and its ExtendedPrincipal to implement authorization on a web application. Performance is an ongoing issue, since most of our data lives in a Pick database. I believe it may be necessary to hold a user's effective permissions (not ...more >>

WSE 2.0 Kerberostoken creation on IIS 5.0/win2k fails
Posted by Dominick Baier at 12/29/2004 3:17:40 PM
does your asp.net app run as a domain user? --- Dominick Baier - DevelopMentor http://www.leastprivilege.com nntp://news.microsoft.com/microsoft.public.dotnet.security/<OHJj2ef7EHA.1260@TK2MSFTNGP12.phx.gbl> Hi, I have a ASP.NET web app in which I am trying to create a Kerberos t...more >>

Re: .NET 2.0 and SslStream authentication
Posted by Dominick Baier at 12/28/2004 9:30:49 AM
gimme a email address and i send you my code... --- Dominick Baier - DevelopMentor http://www.leastprivilege.com nntp://news.microsoft.com/microsoft.public.dotnet.security/<OrUAZ8P7EHA.1392@tk2msftngp13.phx.gbl> As far as I can see, I'm up-to-date but the problem persists... ...more >>

Re: .NET 2.0 and SslStream authentication
Posted by Dominick Baier at 12/28/2004 8:15:27 AM
there is a october ctp of vc# express, maybe you try that one... http://lab.msdn.microsoft.com/express/vcsharp/ --- Dominick Baier - DevelopMentor http://www.leastprivilege.com nntp://news.microsoft.com/microsoft.public.dotnet.security/<#khj$wM7EHA.3708@TK2MSFTNGP14.phx.gbl> ...more >>

impersonation or auditing issue ???
Posted by Dominick Baier at 12/27/2004 1:08:23 PM
asp.net (under iis6) uses the app pool identity account for access to windows objects (e.g. files) - i assume you do something like FileStream fs = new FileStream("specific file in some folder"); in this case _every_ file system access is under the security context of 'UserB' - in your "acc...more >>

problem with strong name CAS
Posted by Paul Delcogliano at 12/27/2004 12:38:00 PM
Hi all, I am having a strange problem with a NTD Smart Client application. I've created a small stub app which is installed on the client pc. The stub application uses the Assembly.LoadFrom method to load forms from an assembly. The assembly that the forms are loaded from are on my web serv...more >>



Re: .NET 2.0 and SslStream authentication
Posted by Dominick Baier at 12/27/2004 12:19:18 PM
it is the Community Tech Preview from November (available on msdn subscribers) --- Dominick Baier - DevelopMentor http://www.leastprivilege.com nntp://news.microsoft.com/microsoft.public.dotnet.security/<earhjlE7EHA.3236@TK2MSFTNGP15.phx.gbl> I would be glad to receive any hel...more >>

.NET 2.0 and SslStream authentication
Posted by Dominick Baier at 12/27/2004 10:49:11 AM
hi, i am currently working on a sample and a tool to troubleshoot with SslStream - i half way finished (and working so far). i can send you what i got... One thing to note - i am not quite sure if SslStream in your .net build is working at all...i am using Nov CTP and they changed e.g. some ...more >>

GetProcessesByName() fails intermittently with Access Denied
Posted by rox.scott at 12/23/2004 11:49:03 AM
I am trying to get the ProcessID of a process that I have just started. It is within ASP.NET, but with impersonation of non-Admin user. If I call 10 times in the same request, it succeeds about 80%. 2 of the 10 will give System.ComponentModel.Win32Exception: "Access is denied" I saw something po...more >>

How to create Word application instance from .Net Web application
Posted by Pallavi at 12/23/2004 3:45:07 AM
Hello, I'm working on word automation through .Net web application. Whenever I try to create an instance of word application it says "The message filter indicated that the application is busy".Please help me. Thanks in advance....more >>

CAS, No Touch Deployment and Flags="UnmanagedCode"
Posted by Greg Robinson at 12/22/2004 11:57:59 AM
We No Touch Deploy our assemblies from a web server. So, our app runs from the download cache. We have a custom URL code group on each machine with FullTrust. On the web server, our assemblies are stored in a folder called, lets say "Folder1". The code url condition type points to the we...more >>

rijndael high encryption pack
Posted by igkins at 12/21/2004 5:13:02 PM
Is the high encryption pack needed on client computers if my app uses rijndaelmanaged for encrypting data? If it is needed, then will RC2 work fine without the high encryption pack? andrew ...more >>

What permissions are needed for windows service to do C# impersonation when started under a user account?
Posted by Daniel at 12/21/2004 4:38:31 PM
I have a windows service that impersonates another account fine when it runs under system account but fails to impersonate when run under a user account. What permissions must the windows service user account have in order to do impersonation? the error i get is: System.ComponentModel.Wi...more >>

is there any way to impersonate another account at the command line when logged into a windows 2000 server account via remote desktop?
Posted by Daniel at 12/21/2004 4:07:03 PM
is there any way to impersonate another account at the command line when logged into a windows 2000 server account via remote desktop? ...more >>

Security question for a Winforms user control on a web page
Posted by Joe at 12/21/2004 3:56:50 PM
I have a winforms user control that I need to use in our web page. The control connects to a remoting object. When I try and make the initial connection I get an error message: "The application attempted to perform an operation not allowed by the security policy. To grant this application th...more >>

Strange permission issue with a UserControl
Posted by ejstembler at 12/20/2004 12:41:02 PM
I'm encountering a strange permission issue with a custom UserControl... The UserControl is part of a WinForms project (exe), however it exposes a public event which declared in another assembly (dll). Nothing out of the ordinary there. A winform (FormMain) in the exe project contains the c...more >>

Signing text file (.txt)
Posted by Marek at 12/20/2004 12:03:02 PM
Is there any possibility to sign txt file? Capicom doesn't have it. I created application ("MyApp1"). It creates a config file for second application ("MyApp2"). I want, that after creating config MyApp1 digitally signing this config. ...more >>

Refreshing Code Access Security settings after change
Posted by Oldman at 12/20/2004 6:59:03 AM
I am trying to have an application already running refresh its code access security settings information after a change has been done in the .NET configuration application. Is there a way to make the AppDomain reload the security settings from disk? Thanks, Oldman...more >>

X509 digital certificates with DSA key
Posted by Suresh at 12/17/2004 10:57:01 AM
1. Is there a way I can create X509 digital certificates with DSA key? 2. Is there a way to retrieve DSA Keys out of the X509 certificate using .NET framework or WSE cryptography classes? ...more >>

ActiveX component error
Posted by Nayana at 12/16/2004 12:39:48 PM
hai everybody, I have written a code for accessing senderemailaddress from outlook 2002 using redemption. The code is as below: Dim PrSenderEmail, strSenderEmail Dim ns, itm As Object Dim application As New Outlook.Application Dim utilobj = Createobject(" Redemption.MAPIUtils") ns =...more >>

WindowsIdentity.Impersonate() fails
Posted by Dominick Baier at 12/16/2004 5:38:06 AM
Does the account that tries to impersonate hold the "Impersonate after Authentication" privilege? --- Dominick Baier - DevelopMentor http://www.leastprivilege.com nntp://news.microsoft.com/microsoft.public.dotnet.security/<CCF3CA07-2D63-482E-93CF-A53761350709@microsoft.com> Hi...more >>

http request from windows service
Posted by Eliyahu Goldin at 12/15/2004 5:10:18 PM
What security issues shall I care about when sending http requests from a windows service? I have a console program that works fine if I start it from command line and doesn't seem to work when I start it from a windows service. I am using HttpWebRequest and HttpWebResponse classes. Eliyahu ...more >>

Authorization Manager, ASP.NET, possible memory leak
Posted by John at 12/15/2004 1:41:41 PM
We are using Authorization Manager in an ASP.NET application. We are using Microsoft.Interop.Security.AzRoles. We appear to have a memory leak when calling the method InitializeClientContextFromName. In a simulation, when we call this method 1000 times, the LSASS process consumes more and more me...more >>

Shared Drive and EXE
Posted by Eric at 12/13/2004 6:10:51 PM
Hi, I have an WinForms-Exe which will be started from a Shared Network-Drive. Without configuration I get a security exception (FileIO-Permission). Which is the best way to give this EXE or drive the same rights as an EXE in 'Local Computer' zone? - Sign the EXE and use the 'Trust assembl...more >>

How to restrict access to Files/Folders?
Posted by Khaled Hussein at 12/12/2004 2:53:31 AM
Hello, I would like to know how can I restrict access for specific files and folders for specific running processes. For example: Lets say we have three running process P1, P2, and P3, I want to know how can I restrict P2 from accessing a specific folder ex. C:\Test\ and allow P1 and P3 to ...more >>

Strange security issue in WinForms application
Posted by ejstembler at 12/10/2004 1:51:14 PM
I have this WinForms application which is exhibiting a strange security issue. The project contains a Form and a UserControl. The Form has a method which populates data and an event from the UserControl. When I call the method from the UserControl event it raises a SqlPermission exception. ...more >>

Using Assert to prevent slowdown from serializing permissions
Posted by Niall at 12/10/2004 1:43:37 PM
We have an application that is launched by a separate process and driven through remoting. The problem that we encounter is that it can sometimes be up to 10 times slower to run the application this way than when it is run standalone. This is because it spends a massive amount of time serializing...more >>

Development Environment w/ssl
Posted by J. Shane Kunkle at 12/10/2004 1:22:35 PM
Hello, We have an existing web application that we are modifying to contain sensitive, private user data. To secure the app as much as possible we would like to use ssl for the pages that display/edit this data. The production server is not as much of a worry at this point - however I am ...more >>

How to encrypt/decrypt files with RSA using certificate keys?
Posted by Jens Egil Evensen at 12/9/2004 11:43:03 PM
Hi Does anyone have any good C# sample code that shows how to encrypt a file using the public key from a x509 certificate file? It would also be nice with some examples of how to decrypt the file using the private key from the same certificate.. I need an "unbreakable" way of encrypting ...more >>

is there any way to get to a unique build version of an assembly at runtime? e.g. a version that is unique to the time that the assembly was built?
Posted by Daniel at 12/9/2004 7:05:43 PM
is there any way to get to a unique build version of an assembly at runtime? e.g. a version that is unique to the time that the assembly was built? ...more >>

Impersonation Working, but No XMLTextWriter Access to Folder
Posted by Dave at 12/9/2004 11:17:31 AM
Hello all, My question is why doesn't my impersonation work when instantiating an XmlTextWriter object from a Web Service? The following code and comments show what I am running into: string s = System.Security.Principal.WindowsIdentity.GetCurrent().Name; //This string contains my impersonate...more >>

TabStrip Secure and Unsecure Items
Posted by Dadhwal(sdadhwal NO[at]SPAM secf.com) at 12/9/2004 6:49:06 AM
When we implement SSL to any site and the Microsoft tabstrips are used in the ASPX pages, there is a message saying : Do you want to show secure and unsecure items? Does anybody know the solution?...more >>

More granular use of Dns and Socket Permission classes
Posted by Novice at 12/9/2004 6:23:03 AM
Hey all, I'm trying to figure out how to use declarative security requests to only restrict a portion of both DNS and socket addresses. In other words, currently in my application I have: [assembly:SocketPermission(SecurityAction.RequestMinimum, Unrestricted=true)] [assembly:DnsPermission(Sec...more >>

Security Issue (somewhat long, but would really appreciate opinions)
Posted by ChrisB at 12/9/2004 6:00:22 AM
Hello: I am a member of a team creating a .NET application, and we seem to have run into an issue when trying to implement role based security. Our application makes use of a fairly common (table based) security model in which privileges are assigned to roles, which are then assign...more >>

DirectoryServices and WINNT authentication
Posted by Moshe at 12/9/2004 3:55:07 AM
Hi, Can I use DirectoryServices to authenticate a local WINNT user? The following doesn't work when I give wrong password. DirectoryEntry entry = new DirectoryEntry("WinNT://mycomputer", "user", "pass"); try { Object obj = entry.NativeGuid; //this line does the authentication } ...more >>

RunAsAdmin explorer shim
Posted by Valery Pryamikov at 12/8/2004 2:06:39 PM
Hi, Check it out http://www.harper.no/valery/PermaLink,guid,79c17dba-9f6c-480e-a236-e11f671ca4bc.aspx, I believe that many of you may like it. ....After hearing a lot of "run as non-admin" discussions, I thought that it would be great if I could log on as administrator, but my shell will...more >>

Loading times for authenticode signed assemblies with isolated net
Posted by Bilal at 12/8/2004 7:31:02 AM
I have been running into an issue with authenticode signed assemblies. The fact that the CLR seems to need to walk the certificate chain every time an authenticode signed assembly is loaded is proving to be quite a problem for us. If some users are working in an isolated network (certain ports ...more >>

Providing an assembly with a strong name
Posted by Diana at 12/7/2004 1:46:59 PM
This has probably been asked a thousand times before, I'm sorry, I just can't find an answer on the web. I want to sign my assembly with a strong name, and I already did this successfully a few times. Only this time the assembly references Interop.SQLDMO.dll which obviously isn't signed. Can...more >>

Encrypting password.
Posted by Jean-Francois Hamelin at 12/7/2004 11:53:52 AM
Hi, I want to store some password in a config file, but I don't want to store them as plain text. What is the best way to encode and decode strings? Thanks JF ...more >>

Checking for certificate revocation
Posted by catharticmomentusenet NO[at]SPAM yahoo.co.uk at 12/7/2004 2:36:40 AM
Hi, Our company is currently writing a .NET application that makes use of a graphing component provided by a 3rd party. The graphing component includes a certificate issued by "Thawte". As the component is loaded into the .NET runtime, checks are made as to whether this certificate has been...more >>

Managed/Unmanaged Security with mscorcfg.msc
Posted by Nick at 12/6/2004 12:39:47 PM
Hi all, Using the .NET fx configuration utility, mscorcfg is it possible to completely lock down a client computer and ensure that only our (software publisher) managed and unmanaged applications can run on it? The reason, I ask is because we are an ISV that provides a mixed managed/unma...more >>

granting full trust to shared assembly but not to its client ?
Posted by Josh at 12/6/2004 12:26:19 PM
Hi I have a shared assembly A that i'm using from a partially trusted (IE hosted usercontrol) assembly B. A needs full trust but i don't want B to have full trust as well. So i opened the .NET Configuration screen and added 2 code groups based on the url of A and B. Problem is that A does...more >>

What is Problem? Decryption Error With DESCryptoServiceProvider
Posted by darkman at 12/6/2004 12:23:01 AM
this is my code. if code is NO1, error raised. if code is NO2, result is wrong value. what is problem.. ======================== my code ====================== string keystring = "12345678"; string ivstring = "12345678"; string source = "we can do it !"; byte[] byteRet = ...more >>

Keys, 3DES, Certificates, RSA...
Posted by at 12/4/2004 1:35:09 AM
Greetings, I am trying to build an interface into an existing system which accepts UTF-8 encoded "messages". In these messages, there is a unencrypted base64 "key" in the header which is used to encrypt the "body" of the remainder of the document. How do I do simple encryption and decryp...more >>

Security Exception - Winform usercontrol hosted in ASP.NET
Posted by Scott Leonard at 12/3/2004 3:22:48 PM
Please forgive the lengthy post. I am trying to get my winform usercontrol to work properly when hosted in ASP.NET. It is strongly named and has the APTC attribute set. I am using some Infragistics controls, all of which are strongly named and have APTC set. I need "Full Trust" or "Everything" ac...more >>

Tool for scanning code
Posted by TheNortonZ at 12/3/2004 12:50:25 PM
Is there any such tool that can scan .Net and/or C++ code/components to analyze it for possible security issues? Thanks. STom ...more >>

Error with machine.config??
Posted by GoCMS at 12/3/2004 8:37:12 AM
When I tried to access my aspx server, I got the config error followed. basically it complains about <add assembly="*"/> in machine.config. I don't think I made any change to this file at all. What's happening? Thanks! Configuration Error Description: An error occurred during the proces...more >>

controlling access rights to an assembly
Posted by Abelardo Vacca at 12/2/2004 7:33:04 PM
I am posting this question here without really knowing if it is a security question but here it goes: Suppose I have an assembly 'A' containing multiple public and internal classes for use within our company to develop our application. We have developed a second assembly 'B' to provide cer...more >>

