Improving Web Application Security: Threats and - CGISecurity

Checklist:Security Review for Managed CodeHow to Use This ChecklistThis checklist is a companion to Chapter 7, “Building Secure Assemblies”, andChapter 8, “Code Access Security in Practice.” Use it to help you implement asecurity review for managed code in your Web application, or as a quick evaluationsnapshot of the corresponding chapters.This checklist should evolve so that you can repeat a successful security review ofmanaged code.General Code Review GuidelinesCheck DescriptionPotential threats are clearly documented. (Threats are dependent upon the specific scenarioand assembly type.)Code is developed based on .NET framework coding guidelines and secure coding guidelinesat http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cpgenref/html/cpconnetframeworkdesignguidelines.asp.The FXCop analysis tool is run on assemblies and security warnings are addressed.Managed Code Review GuidelinesAssembly-Level ChecksCheck DescriptionAssemblies have a strong name. (Dynamically generated ASP.NET Web page assembliescannot currently have a strong name.)You have considered delay signing as a way to protect and restrict the private key that isused in the strong name and signing process.Assemblies include declarative security attributes (with SecurityAction.RequestMinimum) tospecify minimum permission requirements.Highly privileged assemblies are separated from lower privileged assemblies.If the assembly is to be used in a partial-trust environment (for example, it is called from apartial-trust Web application), then privileged code is sandboxed in a separate assembly.