Поделиться через


Security Guidelines: ADO.NET 2.0

To compliment the ASP.NET 2.0 Security at a Glance, Microsoft Patterns and Practices team released the Security Guidelines for ADO.NET 2.0.  There is a lot of good information here to provide guidance on the best practices of using ADO.NET 2.0 in a secure manner.  I particularly like the section on Exception Management, as this discusses a couple of techniques to fail safely in your application.  The other must read section is on Code Access Security, which works hand-in-hand on how to partition your Data Access Code to enable partial trusted ASP.NET 2.0 Applications, thus reducing your attack surface.