Jump to navigation

Poupou's Corner of the Web

Looking for perfect security? Try a wireless brick.
Otherwise you may find some unperfect stuff here...

Weblog

The Managed Way

Hey it's me again! I've been planning for a long time to move my blog to another web site but, as I didn't have the time to do so during my vacations, I decided that it was better to blog here than not blog at all - YMMV.

Looking back at my previous posts it became clear that there were certain patterns to what I did. First it's (mostly) about security. It's also about ".NET and it's nice managed world" or, it's dark side "it's not always easier, or safer, to P/Invoke our way". Or is it ?

P/Invoking is a great and easy way to reuse existing code. So easy in fact this a probably one of the major advantage of .NET over Java. And it's still becoming easier everyday with sites like pinvoke.net.

So what's the catch ? Well P/Invoking isn't without problems. The invoked resources aren't managed (e.g. different versioning, i18n, binary portability) and pose security risks. This is why calling unmanaged code requires a high-level of trust on the executing assembly. This in turns limits your code reusability because you never know under which context your code may be running in a few years.

However the biggest catch is that, P/Invoking being so easy, many people don't even look if a managed solution exists to address their problem (and choose the best one of course). They will either fallback on what they know or on what they can google quickly. I can't do anything about what people know (and wouldn't even if I could ;-) but I seem to google my name (too) often when looking at anything related to ".NET security". Maybe blogging some samples, or alternatives to existing samples, would be useful for them.

Note: I'll limit myself to (mostly) security related samples but feel free to blog on the same pattern for anything you can find :-)


8/11/2004 20:03:17 | Comments

The views expressed on this website/weblog are mine alone and do not necessarily reflect the views of my employer.