.Net Full Trust

This page contains links to Dinis' research on the problems of .Net's Full Trust.

Note: this section is under construction, there are still quite a number of resources that need to be added.

Articles and Posts trying to raise attention to this issue

 * An 'Asp.Net' accident waiting to happen
 * Microsoft must deliver secure environments not tools to write secure code
 * Full Trust Asp.Net Security Vulnerabilties, and Microsoft's current position
 * Current Microsoft Info about CAS and Full Trust
 * What are the 'Real World' security advantages of the .Net Framework and the JVM?

Other (misc)

 * Microsoft's 'Full Trust ASP.NET in IIS 6.0 is Insecure by Design, by Default and in Deployment' Internal White Paper
 * Secure by de...what? (User instances in SQL Server 2005 Express Edition)
 * The .Net Framework is also affected by the WMF vulnerabilty
 * Mono vs Medium Trust
 * 'Is .NET A Wrapper Around Win32?' and 'Analysis of .NET Use in Longhorn and Vista'