T
Techno_Dex
SP1 now plays with new trust rules when using assemblies across a network
share. By default these assemblies are now granted full trust where in
previous versions the Microsoft .NET Framework 2.0 Configuration utility was
used in order to increase security trust from partial to full on signed
assemblies. The problem with this new change is since .NET 3.x+ versions
are basically service packs of the 2.0 framework anyone with a VS2005
application built against the v2.0 framework can kiss this security goodby
as once the 3.5 SP1 is installed the v2.0 application now operates in full
trust mode across a network share by default even though it wasn't compiled
against the v3.5 framework. I agree that this was a good improvement to
make, but this is also going to create a QA nightmare as applications which
shouldn't require the v3.5 framework will now operate in a different fashion
if it is installed.
share. By default these assemblies are now granted full trust where in
previous versions the Microsoft .NET Framework 2.0 Configuration utility was
used in order to increase security trust from partial to full on signed
assemblies. The problem with this new change is since .NET 3.x+ versions
are basically service packs of the 2.0 framework anyone with a VS2005
application built against the v2.0 framework can kiss this security goodby
as once the 3.5 SP1 is installed the v2.0 application now operates in full
trust mode across a network share by default even though it wasn't compiled
against the v3.5 framework. I agree that this was a good improvement to
make, but this is also going to create a QA nightmare as applications which
shouldn't require the v3.5 framework will now operate in a different fashion
if it is installed.