Current Microsoft Info about CAS and Full Trust

From OWASP
Jump to: navigation, search

Current Microsoft info about CAS and Full Trust

Follwing this comment in What are the 'Real World' security advantages of the .Net Framework and the JVM? "... We are still talking about the basics! Microsoft is yet still to publicly acknowledge that is a MASSIVE PROBLEM the fact that 99% of .Net applications are designed for, and executed in Full Trust!.."


Here is what is currently publicly published from MS about Full Trust and Partial Trust (and it's dangers):


See also A Treasure Trove of .NET 2.0 Security Guidance & Documentation from the ThreatsAndCountermeasures Website and the .Net Framwork Blog (by Shawn Farkas) and the patterns & practices Security Wiki


Until this issue is on https://www.microsoft.com/security I still stand by my original quote


Originally Posted on 11/3/2005