Friend Assemblies

July 31, 2008

One of my students sent me this question by email: "Say we have a DAL layer assembly and a BL layer assembly. Each BL class is responsible for saving one entity – let’s call one of the entities ‘X’. Since the BL uses the DAL to perform the actual save operation, the XDAL.save(x) must be public. This way, we can’t force the developer to go through BL.save(x) and it can be bypassed – calling XDAL.save directly (skipping validation part for example). It can be solved in some nasty way… But we heard there might be something helpful in...
one comment

Some "Less Famous" but Useful LINQ Operators

July 20, 2008

LINQ has many operators, but some get more attention than others. The most famous are the ones which can be expressed in a from clause, such as Where, OrderBy, OrderByDescending, GroupBy and Select. However, many other operators exist - here's my favorite list: Intersect, Union, Except These operators are the set operators intersection (AND), union (OR) and difference. The Intersect operator returns the items that are present in both sequences as a new sequence. Here's an example:var list1 = new List<int> { 2, 4, 9, 11, 3, 6 }; var list2 = new List<int> { 3, 8, 4, 30, 9,...
no comments

קורסים קרובים שאני מעביר

July 15, 2008

שני קורסים שאני עומד להעביר בקרוב ואולי יעניינו מישהו... ב-27 ליולי (החודש הזה) אני מעביר את Advanced .NET with C# - הקורס הורחב ל-4 ימים וכולל גם את .NET security ומבוא ל-C# 3 ו-LINQ. סילבוס מלא ניתן למצוא כאן. ב-31 לאוגוסט אני מעביר את הקורס Windows Internals ששודרג אף הוא וכולל חומר חדש על ה-Internals של Windows Vista ו-Windows Server 2008. הקורס כולל חומר המסביר את אופן הפעולה של Windows ברמת ה-kernel וחלקים הקרובים ל-kernel. הוא מיועד לכל מי שרוצה להבין לעומק כיצד Windows עובד בנושאים כגון Processes, threads, virtual memory, I/O, security ועוד. הוא מתאים במיוחד לכותבי device drivers ולמי שעוסק ב-system programming,...
2 comments

Reflection and Privates

July 8, 2008

During teaching of .NET reflection topics, I mention that using reflection, one can get to the private members of types, and even invoke those members dynamically. I sometimes get the response in the lines of - how is this possible? What's the point of putting something as private if it's exposed through reflection? The answer to the "dilemma" is that applications usually run with FullTrust permissions, which means they actually can do anything, including poking in other's privates. But, doing reflection requires having the ReflectionPermission permission with an appropriate flag (ReflectionPermissionFlag enumeration) which may not be granted in partial...
4 comments

Malware and Hidden Registry Keys

July 2, 2008

One of the ways malware activates itself after it infiltrates a system, is by adding itself to the registry key HKLM\Software\Microsoft\Windows\CurrentVersion\Run with a value of Rundll32.Exe, the malware DLL (usually a random character combination) and an entry point. However, if you open RegEdit.Exe and try to find those keys - you usually won't. That's because they're hidden, or to be more precise - hidden from RegEdit.Exe. RegEdit.Exe uses the Win32 API to query and manipulate the registry. Keys and values are NULL terminated (with the ‘\0' character). But, the Native API (the undocumented API exposed through NtDll.Dll allows embedded ‘\0' characters (a length is provided, which is all that's...