Re: [ADVANCED-DOTNET] CAS limitations

2002-09-11 Thread Pinto, Ed
For specific configuration scenarios it might be possible to get around this problem This is my point. Within the boundaries of the enterprise, I have control over configuration scenarios. I should be able to make these decisions. The fact that FullTrust is more than the Everything permission

Re: [ADVANCED-DOTNET] CAS limitations

2002-09-11 Thread Jeroen Frijters
--Original Message- > From: Moderated discussion of advanced .NET topics. > [mailto:[EMAIL PROTECTED]] On Behalf Of Pinto, Ed > Sent: Wednesday, September 11, 2002 16:30 > To: [EMAIL PROTECTED] > Subject: Re: [ADVANCED-DOTNET] CAS limitations > > > > Sure it could, but what wou

Re: [ADVANCED-DOTNET] CAS limitations

2002-09-11 Thread Pinto, Ed
Sure it could, but what would be the point? There is no way to tell if it is real or not. It could be faked, and the receiver would have no way to know this. Gotcha. So are you saying that even if we involved hashing and signing using a publisher's key, maybe a nonce for good measure... That b

Re: [ADVANCED-DOTNET] CAS limitations

2002-09-11 Thread Jeroen Frijters
rom: Moderated discussion of advanced .NET topics. > [mailto:[EMAIL PROTECTED]] On Behalf Of Pinto, Ed > Sent: Tuesday, September 10, 2002 18:52 > To: [EMAIL PROTECTED] > Subject: Re: [ADVANCED-DOTNET] CAS limitations > > > Hey John and Jeroen. Thanks for the clarifications. > Th

Re: [ADVANCED-DOTNET] CAS limitations

2002-09-11 Thread Pinto, Ed
tools for out of the box prevention of harm, but FullTrust ties my hands. What do you think? Cheers, Ed -Original Message- From: Cavnar-Johnson, John [mailto:[EMAIL PROTECTED]] Sent: Tuesday, September 10, 2002 7:21 AM To: [EMAIL PROTECTED] Subject: Re: [ADVANCED-DOTNET] CAS limitatio

Re: [ADVANCED-DOTNET] CAS limitations

2002-09-10 Thread Cavnar-Johnson, John
hould partially-trusted code be allowed to make remote calls? I don't see how this limits leveraging CAS in enterprise scenarios. -Original Message- From: Pinto, Ed [mailto:[EMAIL PROTECTED]] Sent: Monday, September 09, 2002 5:02 PM To: [EMAIL PROTECTED] Subject: [ADVANCED-DOTNET] CAS lim

Re: [ADVANCED-DOTNET] CAS limitations

2002-09-10 Thread Jeroen Frijters
Behalf Of Pinto, Ed > Sent: Tuesday, September 10, 2002 00:02 > To: [EMAIL PROTECTED] > Subject: [ADVANCED-DOTNET] CAS limitations > > > I tried to get some discussion going on this earlier and > failed - perhaps if > I rephrase my questions: > > If FullTrust is required

[ADVANCED-DOTNET] CAS limitations

2002-09-10 Thread Pinto, Ed
I tried to get some discussion going on this earlier and failed - perhaps if I rephrase my questions: If FullTrust is required for code to perform any remoting, does that not prevent us from developing finer grained permissions that can be demanded by remoted code? If the answer is yes, isn't th