Most Helpful Customer Reviews
15 of 15 people found the following review helpful:
1.0 out of 5 stars
Contra Appleman Polishers, January 2, 2004
By A Customer
This review is from: Hijacking .Net Vol 1: Role Based Security (Digital)
It's hard to see how other readers of this eBook could regard it so highly. (One begins to wonder whether or not they're some sort of Appleman polishers.) About 25% of this tomelet consists of advertisements for Appleman's other works and a blighted index which lists every last one of them. A further 10% of the book contains unnecessary MSIL from mscorlib.dll. Yet more space is consumed by VB.NET code which regurgitates that listed in C#. By my estimate then at least 40% of this offering should have been removed before release. Turning now to the content, this book's overview of
role based security is simplistic to the point of
puerility. Reducing security to a slogan such as
"Can you do something [to some object]" is claptrap
for simpletons. The book's idea of hijacking .NET
is to call the Type.InvokeMember() method with
BindingFlags.NonPublic as one of its arguments and
to use P/Invoke to call native code. Since none of
this will violate Code Access Security, it's hard to
see how it qualifies as hijacking .NET. If you're
interested in seeing what Appleman does, you should
download the code for this book from his web site
instead of allowing him to hijack your wallet.
Help other customers find the most helpful reviews
Was this review helpful to you? Yes
No
11 of 11 people found the following review helpful:
3.0 out of 5 stars
well worth reading, August 28, 2003
This review is from: Hijacking .Net Vol 1: Role Based Security (Digital)
I had to read this - touted as the first volume in a series that could be for .NET what Appleman's books were for the Win32 API. But a fair bit of the ebook is just a guided tour of windows role based security, well written though. The core of the 'hijacking' part could be boiled down to a couple of pages. Essentially it's this: Marking a class or method as private in .NET impacts its visibility, but not its security boundary - i.e. it is possible to invoke private methods.
And vs.net provides all the means necessary to do so: Step One - navigate to the library/class you want with ildasm and have a peek at the IL. From that its pretty straightforward to grok the private objects/methods you might be interested in.
Step Two - use the InvokeMember method of the Type class to make use of private class/method. That's it. Classic Win32 API Appleman this is not, how useful the technique is - I'm not sure (not so much in in commercial work i suspect), but it's still well worth a read.
Help other customers find the most helpful reviews
Was this review helpful to you? Yes
No
1 of 5 people found the following review helpful:
5.0 out of 5 stars
Great writing and code in the Appleman tradition, September 1, 2003
This review is from: Hijacking .Net Vol 1: Role Based Security (Digital)
The lessons of this PDF are twofold: 1) You get a great extension to .NET role-based security APIs via Dan's code writings and 2) In the teach-you-how-to-do-it-but-at-your-own-risk! tradition of Dan Appleman, you learn how to introspect the .NET Framework class libraries and work with their internals. Or more to the point, with the internals of *any* reflectable .NET assembly. Bottom line: If you like knowing internals and haven't tackled the Reflection namespaces in .NET yet, this is a good start. (You'll probably need reflection skills at some point anyway). It's a great read!
Help other customers find the most helpful reviews
Was this review helpful to you? Yes
No
|
