I'm trying to run our .NET 1.1 code on the beta version of .NET 2.0. Almost everything runs fine, however there's one small issue: The following code is used to encrypt some data, the Key and IV are derived with PasswordDeriveBytes. 'salt' is a byte array with length 256 (identical in both CLR...more >>

Hi, I've run into a problem that may be security related that I haven't been able to find a whole lot of information on and I'm hoping someone might recognize it enough to give me some pointers. I've got the following code: XslTransform myTransform = new XslTransform(); myTransfor...more >>

Public Private Key Pairs - How do they work? ----------------------------------------------- I was looking at a presentation recently in which it was suggested that - User 1 Encrypts a message using User 2's Public Key. User 2 Decrypts the transmission using his Private Key to get the origna...more >>

Hi All, This is all about protecting my data in Executable file. I have developed a program in Visual Basic .NET 2002. I have many questions in mind... please help me to complete my project. 1. I have very much data to be incorporated into the executable file. I have to add much ...more >>

I have built an Windows Service, and I am getting an [Access Denied] error when I execute the following line. Dim AcApp As Access.Application = New Access.Application() The Service is Logged on as a Domain.User. If I give this user Local Administrator rights, then it works. However, I do not w...more >>

I am trying to preclude web clients from reading each others folders and files on a pulic web hosting server running W2k server. They can read each others files/folders by using simple .Net script and System.IO FileInfo and DirectoryInfo classes. The best I was able to do was to 1. Create s...more >>

I have a page that users upload files. Is there a way to restrict the file types that they can upload? thanks, -- Chuck Foster Programmer Analyst Eclipsys Corporation - St. Vincent Health System ...more >>

I need to check if the user of the app has IO and Registy rights. How do I "Assert" that the current user of a WinForm app has these rights? Thanks, John...more >>

Hi, I have the following Impersonation code. This code is in C# and I want to retrieve the data from the SQL server database using the Specified windows username and password. public bool ImpersonateUser(string sUsername, string sDomain, string sPassword) { bool bImpersonated = fal...more >>

I am developing an ASP.NET site where an site administrator can upload files via ASP.NET into a Documents folder. These documents are then viewed by site users. I used the MS KB article http://support.microsoft.com/default.aspx?scid=kb;en-us;323245 to learn how to do this. Is there a securi...more >>

Im trying to find out if a user belongs to a certain group in our domain. I used it before and it works fine. Now i want to do the same but with a groupname that has a white space in the middle of it. for example: DOMAIN\GRP APP. When i call the IsInRole with this groupname it fails and alway...more >>

I've got an ASP.NET application which is impersonating the client and does some role-based acess control internally. The application doesn't see changes in role membership made through the Windows Local Users/Group editor until IIS is reset. WindowsIdentity is apparently caching role membership,...more >>

Do I have to do something special in order to suppress the stack walks by my PInvoke or IJW calls? I plan to operate the .dlls only in a fully trusted environment. My first guess is to apply the [SuppressUmanagedCodeSecurity] attributes to: 1) my C# wrapper class since they can make PInvokes ...more >>

Hi, I have a question about authorizing access to web service. Is it possible to restrict access to certain web service based on domain name of a server requesting that web service. For example, I have a customers of my web service that have a domain name domainA.com. I would like to allow o...more >>

Hi All I am working on a project in which i have to upload files to an remote server via HTTPS. For that i have written the following lines of code,but when i execute it I am getting an HTTP:500 Internal Server Error.Please let me know where went wrong in it. 1.The client has given the cr...more >>