Get Help:Ask a Question in our Forums|Report a Bug|More Help Resources
Last post Feb 03, 2006 12:42 AM by adefwebserver
Nov 29, 2005 10:07 PM|LINK
Nov 29, 2005 10:52 PM|LINK
Nov 29, 2005 11:13 PM|LINK
Nov 30, 2005 09:06 AM|LINK
Nov 30, 2005 11:25 AM|LINK
Nov 30, 2005 08:25 PM|LINK
Dec 01, 2005 03:18 AM|LINK
Microsoft is strongly pushing that all shared hosting providers operate in medium trust which does not provide access to unmanaged code. Now either Microsoft has some inside information on how .Net and IIS work and is making a sound security recomendation,
or Microsoft, being the security conscious company that they are is taking an extremely conservative approach to security. Given Microsoft's history with security, I do not put much stock in Microsoft being overly cautious when it comes to security.
Anyone with a strong security background will tell you that security should always be applied in layers. Each layer protects against different kinds of threats and makes the hackers job more difficult. If you allow websites to operate at full trust, including
access to unmanaged code, then you have effectively disabled all Code Access Security and are now relying strictly on OS security. With that being the case, you have completely removed any security provided by .Net. Microsoft is not the only ones recommending
against running at full trust. Every security company I have seen recommends the same thing.
So you may continue to believe that it is ok, but the tide is already turning in the hosting community and it won't be long before almost all hosters start restricting accounts. You have been warned.
Dec 01, 2005 08:08 PM|LINK
Feb 01, 2006 05:58 PM|LINK
Feb 01, 2006 09:46 PM|LINK