473,320 Members | 1,853 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,320 software developers and data experts.

Compilation of Code in Microsoft Visual Studio .NET and a couple of other Microsoft .NET questions

Hi all, I'm afraid this is the second posting of this information as I didn't get a response on the previous post. I will try to shorten my message (i.e. be more concise) in the hopes that it will make it easier for someone (i.e. a Microsoft person) to digest the information and respond to it. I am a C++ and Java developer with over 3 years of industry experience. I've written low level C++ code, in addition to web clients that use web services. I've just recently installed the Visual Studio .net Professional trial version 2003. I have been reading up various documents that discuss - "What is Microsoft .Net" and have found some enlightening information

I'm trying to write a paper on security and software development using Microsoft .Net. So far the most difficult aspect has been determining - what is Microsoft .NET?

--Questions-

1. What is included in the "set of software technologies" that are part of Microsoft .NET beyond the Microsoft .NET Framework. Specifically, I'm wondering if I speak to someone about Microsoft .NET does that include Microsoft Visual Studio .NET and other supportive technologies

2. If I write unmanaged C++ code in Microsoft Visual Studio .NET is it transformed/compiled into MSIL (intermediate language) and then Just-In-Time comiled using CLR into native code? If so, is the best way to look at the MSIL form of this code by using ildasm.exe? I notice when I comile C# code that there is a tempPE directory. Is this where the MSIL form of the C# program is stored temporarily? If so, can I force Visual Studio .NET to leave the file there after compilation

3. If I can find a security issue (i.e. one of the functions like printf in iostream provided by Visual Studio .NE
has a security flaw) in a C++ program (compiled using Visual Studio ..net) then does that mean that I have found a security flaw in .NET or is it just a security flaw in Microsoft's implementation of the printf function? I.E. are they one and the same

4. When I read this one .NET security document "Security in the Microsoft ..NET Environment" it indicated the framework had a variety of security mechanisms
Evidence-Based Security, Code Access Security, Role-Based Security, etc. Are these just features of using the libraries available in all of the languages that are compiled into MSIL (like C#, C++, ASP.NET, etc)? The document even went on to show a line of code (from I assume ASP.NET)
if (HTTPContext.IsCallerInRole("Admin"){...}

5. (a) If I compile a C++ program (that uses only managed code) using Visual Studio .NET will that executable require the .NET framework to be installed? I.E. if I send it to my friend on a different computer (same OS), will he require the .NET framework to execute it

(b) If I compile a C++ program (that uses only UNmanaged code) using Visual Studio .NET will that executable require the .NET framework to be installed? I.E. if I send it to my friend on a different computer (same OS), will he require the .NET framework to execute it

(c) Also, has the executable in (b) been generated using the JIT compiler in CLR

In summary, I want to clearly understand where .NET begins and ends. I want to know if I find a security related problem in some of the supporting libraries (i.e. iostream) of C++ that are found within Visual Studio .net have I found a .NET security flaw or is it just a security flaw in Microsoft's implementation of the iostream library for C++? Is the security framework I mentioned earlier available to all of the previously mentioned languages like C#, J#, ASP.NET, etc i
some form or another (due to their compilation to MSIL and subsequent JIT compile to native code)?

Thanks for any advice in this regard
Novice
Jul 21 '05 #1
1 3870

"Novice" <6tc1@qlinkDOTqueensuDOTca> wrote in message
news:8B**********************************@microsof t.com...
Hi all, I'm afraid this is the second posting of this information as I didn't get a response on the previous post. I will try to shorten my
message (i.e. be more concise) in the hopes that it will make it easier for
someone (i.e. a Microsoft person) to digest the information and respond to
it. I am a C++ and Java developer with over 3 years of industry experience.
I've written low level C++ code, in addition to web clients that use web
services. I've just recently installed the Visual Studio .net Professional
trial version 2003. I have been reading up various documents that discuss -
"What is Microsoft .Net" and have found some enlightening information.
I'm trying to write a paper on security and software development using Microsoft .Net. So far the most difficult aspect has been determining -
what is Microsoft .NET?
--Questions--

1. What is included in the "set of software technologies" that are part of Microsoft .NET beyond the Microsoft .NET Framework. Specifically, I'm
wondering if I speak to someone about Microsoft .NET does that include
Microsoft Visual Studio .NET and other supportive technologies?
This is a tough question, mostly due to mistakes by MS marketing. I do not
belive any (major)products outside of Visual Studio still use the .NET
moniker.
2. If I write unmanaged C++ code in Microsoft Visual Studio .NET is it transformed/compiled into MSIL (intermediate language) and then Just-In-Time
comiled using CLR into native code? If so, is the best way to look at the
MSIL form of this code by using ildasm.exe? I notice when I comile C# code
that there is a tempPE directory. Is this where the MSIL form of the C#
program is stored temporarily? If so, can I force Visual Studio .NET to
leave the file there after compilation? Unmanaged C++ is not compiled to MSIL, its compiled to native code. As for
the tempPE directory, I don't know off hand waht that does, except that its
part of visual studio, not the compiler. I do not believe the c# compiler
generates an assembly file in any form. To examine MSIL, ildasm is your best
choise though. 3. If I can find a security issue (i.e. one of the functions like printf in iostream provided by Visual Studio .NET has a security flaw) in a C++ program (compiled using Visual Studio ..net) then does that mean that I have found a security flaw in .NET or is it just
a security flaw in Microsoft's implementation of the printf function? I.E.
are they one and the same? That would be a bug in MS's printf function. .NET, as far as security goes,
would mostly be the framework classes. Unmanged C and STL\ATL classes are
not a portion of the framework(although bugs in them are important if you
are using managed C++). 4. When I read this one .NET security document "Security in the Microsoft ...NET Environment" it indicated the framework had a variety of security
mechanisms: Evidence-Based Security, Code Access Security, Role-Based Security, etc. Are these just features of using the libraries available in all of the
languages that are compiled into MSIL (like C#, C++, ASP.NET, etc)? The
document even went on to show a line of code (from I assume ASP.NET): if (HTTPContext.IsCallerInRole("Admin"){...}) Code access and Evidence based security is enforced by the runtime, if
memory serves. So any app that runs in the system is restricted by them.
5. (a) If I compile a C++ program (that uses only managed code) using Visual Studio .NET will that executable require the .NET framework to be
installed? I.E. if I send it to my friend on a different computer (same
OS), will he require the .NET framework to execute it. Yes (b) If I compile a C++ program (that uses only UNmanaged code) using Visual Studio .NET will that executable require the .NET framework to be
installed? I.E. if I send it to my friend on a different computer (same
OS), will he require the .NET framework to execute it. No. (c) Also, has the executable in (b) been generated using the JIT compiler in CLR? No, it would be generated by the MS C++ compiler. In summary, I want to clearly understand where .NET begins and ends. I want to know if I find a security related problem in some of the supporting
libraries (i.e. iostream) of C++ that are found within Visual Studio .net
have I found a .NET security flaw or is it just a security flaw in
Microsoft's implementation of the iostream library for C++? Is the security
framework I mentioned earlier available to all of the previously mentioned
languages like C#, J#, ASP.NET, etc in some form or another (due to their compilation to MSIL and subsequent JIT compile to native code)?
Most of the compilation to native code shouldn't be reliant on the C library
or the STL, however the JIT does use these and *may* be vulnerable, however
proving that may not be easy.
Thanks for any advice in this regard,
Novice

Jul 21 '05 #2

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

6
by: Joachim | last post by:
I made some project changes (which seems it doesn't help if I undo) which have created compilation error: " Server Error in '/PCSWebApp1' Application....
2
by: Tommy Vercetti | last post by:
In Visual Studio .NET 2003, I do the following 1) File->New->Project 2) Visual C++ Projects->.NET->Windows Forms Application 3) Project->Add New Item->C++ File 4) Clear the new C++ file and...
0
by: Ganapathy | last post by:
I have COM dll code written in VC 6.0. When i tried compiling this code in VC 7, The MIDL cmpiler gets called twice. i.e. it initially compiles fully & immediately a line - 64 bit processing'...
2
by: Patrick Huffer | last post by:
When I open a certain page, I receive a "Compilation Error" as follows: Compiler Error Message: CS0117: 'System.Web.UI.HtmlControls.HtmlForm' does not contain a definition for 'ValidateInput'...
5
by: Raterus | last post by:
I'm just throwing this error out for my sanity, I've seen posts about this, but never solutions. I'm using VS.NET 2003, Framework 1.1, and I'm getting a random error about every 1 out of 10 times...
1
by: Novice | last post by:
Hi all, I'm afraid this is the second posting of this information as I didn't get a response on the previous post. I will try to shorten my message (i.e. be more concise) in the hopes that it will...
1
by: Arsalan Ahmad | last post by:
Hi all, I am trying to compile some source files using makefile. While compiling I am getting errors as shown below. Any idea how can I solve this problem. I believe I need to add some...
8
by: ftjonsson | last post by:
hello, I was wondering if anyone could tips me on what I am doing wrong when writing the following code: #include <iostream> using namespace std; int main () {
1
by: misu101 | last post by:
Hi, I have a VS 6 project and I am trying to compile it using VS 2005. My program has the atlbase.h include which seems to trigger the errors. It used to compile OK using VS 6. The include...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
0
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
1
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
0
by: jfyes | last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
0
by: ArrayDB | last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
1
by: PapaRatzi | last post by:
Hello, I am teaching myself MS Access forms design and Visual Basic. I've created a table to capture a list of Top 30 singles and forms to capture new entries. The final step is a form (unbound)...
0
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
0
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.