Monday, August 18, 2008

.NET 3.5 SP1 - an obscure gift

JTBWorld pointed out a small but nice enhancement to the latest Service Pack for Microsoft .NET:

The fact that code executing from a network share now has the same permissions as code executing on your local hard drive.

(Begin Venting)
"What? it didn't before? Why?" - obviously you haven't had the pain of trying to make this work. Microsoft's concern was that code executing from a network share could be a virus, worm, etc - something undesirable. So they made it impossible. OK, so it wasn't impossible - they just made it aggravating. To make this work prior to now, you had to go into the world of CASPOL - Code Access Security POLicy, either through your control panel, your company security policies, or the CASPOL.exe command line tool. Fundamentally, you had to make guidelines for when to trust particular .NET assemblies (based on where they were installed, or a signed publisher cerificate, etc).

The joke is - that these restrictions were only for .NET applications. Any hacker who was using a non-.NET language had no such restrictions.

(End Venting)

Anyway - it's good news that it's a changed behavior. This should make it easier for average CAD Managers, IT managers and developers to support a centralized deployment methodology - whether for Revit, AutoCAD, etc.

(Note: Jimmy didn't even have it posted for a day before this caveat came up - you need to add an "acdbmgd.ini" file to force it to not optimize to .NET 3.5 SP1 work with AutoCAD at all).

No comments: