> Therefore my statement stays that parameterized SQL actually provides > better protection against SQL injection than parameterized call to stored > procedure. obvious typo. Should read: Therefore my statement stays that parameterized SQL select (insert/update/delete) actually provides bett...more >>

"Valery Pryamikov" <Valery@nospam.harper.no> wrote in message news:... >> Sorry but you lost me. :( Can you explain the difference in an easier to >> understand manner? I'm a newbie. Thanks. > Lets us compare call of stored procedure and sql select with using > parameters (? or @paramname): ...more >>

How do I grant acess to a folder using VB.NET. I need to add a group and 2 users. I know this can be a long answer so if you can just point me in the right direction or where I should porst this question, that would be great. Any links on how to would be greate. -- Thanks, Dave...more >>

Is RSA a good encryption method? Also I'm having a problem pulling the string out of the database and decrypting it. Please Help Code is below: Private Function EncryptPassword(ByVal a_Password As String) As String Dim ByteConverter As New ASCIIEncoding Dim dataToEncrypt...more >>

Hello all - I'm having a problem concerning Impersonation while connecting to SQL Server. I'm not sure if I'm posting this to the right newsgroups, so let me know if it belongs elsewhere, and please excuse the cross-post. I'm writing a Windows Forms application that makes direct calls to a...more >>

I have an application that stores user input via a text box. The text box lets user enter their hobby, which can then be viewed in their page by others. This hobby is linked by the application so that it searches the database for other users who have the same hobby. The search string is displ...more >>

I've read a few articles on ways to prevent SQL injection. I'd like = your opinion as to which is better. Or, if there's another way I've not = heard of, please suggest it. Thanks! #1. http://www.sitepoint.com/article/sql-injection-attacks-safe/5 Run user input through a function which s...more >>

We are endeavouring to get a .NET product certified as "Designed for Windows XP". As you know, this involves getting a VeriSign ID. While enrolling for this, one question asked for the "Cryptographic Service Provider", giving a drop down containing smart-card providers like Inifineon, and al...more >>

Hi This is a question for all those .Net gurus who have ssen umpteen .Net products come and go so far. The question is fairly simple -- Do the softeware houses really obtain digital signatures from (eg. Verisign) and sign their assemblies before releasing them for production? How important it ...more >>

Hi, I have several web pages in my app and would like to restrict certain users from accessing certain pages. Can you provide me any pointers on how to implement a role based security so that a page is displayed only to a certain role? TIA. ...more >>

Hi, Iam using SignedXML.CheckSignature() method for validating XMLDSIG SignedInfo signature value. It works great until u have a reference which cant be resolved. My requirement is to sign an MIME attachment which cant be directly resolved by SignedInfo class..So Iam trying to manually implem...more >>

Ladies and Gentlemen, EldoS Corporation recognizes the growing importance of security, based on industry standards, and to support security efforts of various organizations we release PKIBlackbox as free library for use in your end-user applications. Why PKIBlackbox? Unlike CryptoAPI, OpenS...more >>

Hi, I am a newbie at .net so I appreciate all of your help. I have a datagrid displaying unc_path's as a hyperlink to shares on servers. The problem that I'm having is that I get "Access denied" but only on serverA. Shares on ServerB are accessible. ServerA is located remotely, ServerB is l...more >>

Last night our production servers were updated with the following patches: 814078 jscript5.6 ..net1.1sp1 gdi+detection tool, 833989-28 IE6, 867801-25 IE6, Office XP -28- 832332, Wordperfect -27- 873379 Since the update, the Windows service I created in VB.NET is no longer able to update ...more >>

While working at a small application, and trying to be a good .net citizen I perform a check to see if the executing code has permission to work with files in a specific directory, like this Dim FilePerm As FileIOPermission = _ New FileIOPermission(FileIOPermissionAccess.AllAcc...more >>

Hi, I am trying to get remote process and servicecontroller objects. While they code works if i have privilages in the remote machine, it does not when i dont have them. Now my question is how do i specify username/password/privilages when i use process and servicecontroller objects. Any co...more >>

Hi, I'd like to have some advice to set our security procedure. I've read several blogs and articles and now know several methods and techniques. What I need is some code details and best practices. I have two scenarios. All this is in Web applications and XML Web Services in C# and .Net...more >>

I posted this message a couple of weeks ago and know one answered. I am not sure if why. I am sure that I am not the only one that has had this issue. Or is it because I used a dirty N word. "Novell" Here is my previous post. I really hope someone can help with this because I don't know wha...more >>

Are the encryption algorithms used by System.Security.Cryptography FIPS 140 compliant and is there any documentation that backs this up?...more >>

Is there a way I can toggle SecurityManager.SecurityEnabled so that I can test some methods that check this value? For example, I have a class that I want to use with NUnit as follows: [Category("Exceptions - code access security is disabled.")] [TestFixture()] public class CodeAccessSe...more >>

Hi everyone, I've used the Win32 API before to access files on restricted directories. This work involved the "LogonUser" and "ImpersonateLoggedOnUser" API functions, among others. I'm into .Net now, and while I could continue using the API functions to access these files, ...more >>