"Nick" <so*****@somewhere.com> wrote in message
news:eh**************@TK2MSFTNGP09.phx.gbl...
Hi all,
Using the .NET fx configuration utility, mscorcfg is it possible to
completely lock down a client computer and ensure that only our (software
publisher) managed and unmanaged applications can run on it?
The reason, I ask is becuase we are an ISV that provides a mixed
managed/unmanaged suite of Windows software tools to go with our hardware
offering. We supply systems that process life critical data, meaning that
we are very concerned by the fact that an open system could be tampered
with and become potentially, very dangerous.
I've seen Juval Lowry's webcast on rich client application security in
which he demonstrates the .NET configuration utility and understand that
using this tool with strong names, I can ensure that only our .NET apps
will run. Unfortunately, we have a great deal of unmanaged C/C++ and VB6
apps and components (some of which are bought in!) which would also need
to be configured in a similar fashion.
Being relatively unfamiliar with the unmanaged windows world, do I need
to:
A) Pull out C++ 7 and rebuild our components with IJW into .net
assemblies?
or
B) Would it be easier to use some other tool (if so what?) to set windows
permissions based on the user logged in?
This needs to be a completely locked down terminal. Nothing needs to be
running except the OS and the processes I define.
Thanks in advance,
Nick
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.799 / Virus Database: 543 - Release Date: 19/11/2004
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.799 / Virus Database: 543 - Release Date: 19/11/2004