From: "Rich" 

This is a multi-part message in MIME format.

------=_NextPart_000_0406_01C506EB.703993F0
Content-Type: text/plain;
        charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

   See  =
http://msdn.microsoft.com/library/en-us/secmod/html/secmod93.asp, =
http://msdn.microsoft.com/library/en-us/dnnetsec/html/THCMCh20.asp, and =
http://msdn.microsoft.com/library/en-us/cpguide/html/cpconASPNETApplicati=
onSecurityInHostedEnvironments.asp for instructions on how to use = ASP.NET
in a shared hosting environment.  There are probably other = sources.

   Microsoft software never automatically executed or even installed =
ActiveX controls because they are signed.  This is a often repeated myth =
perpetuated by folks who obviously never cared to be truthful.

Rich

  "Mike N."  wrote in message =
news:8csqv0dtbp4itahvbfe8p059838s3108ed{at}4ax.com...
  On Sun, 30 Jan 2005 15:37:50 -0500, "Geo"  wrote:

  >You cannot host .NET web sites where website owners are not trusted =
users.
  >Allowing untrusted users to upload executable code to a webserver =
where that
  >code cannot be strictly limited to just their site is counter to =
basic
  >security practices.

     Is shared .NET web hosting inherently unsafe, or is it just
  mathematically impossible to prove it safe?  .NET is a bit different =
from
  the stupid earlier Microsoft default security of "it's ok to =
automatically
  execute activeX controls as long as they're signed".


------=_NextPart_000_0406_01C506EB.703993F0
Content-Type: text/html;
        charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable








  
See  http://msdn.microsoft.com/library/en-us/secmod/html/secmod93.asp"=
>,=20" target="new">http://msdn.microsoft.com/library/en-us/secmod/html/secmod93.asp,=20
http://msdn.microsoft.com/library/en-us/dnnetsec/html/THCMCh20.as=
p">http://msdn.microsoft.com/library/en-us/dnnetsec/html/THCMCh20.asp;=
,=20
and http://msdn.microsoft.com/library/en-us/cpguide/html/cpconASPNETA=
pplicationSecurityInHostedEnvironments.asp">http://msdn.microsoft.com/lib=
rary/en-us/cpguide/html/cpconASPNETApplicationSecurityInHostedEnvironment=
s.asp for=20
instructions on how to use ASP.NET in a shared hosting =
environment.  There=20
are probably other sources.
 
   Microsoft
software never =
automatically=20
executed or even installed ActiveX controls because they are =
signed.  This=20
is a often repeated myth perpetuated by folks who obviously never cared = to be=20
truthful.
 
Rich
 

  "Mike N." <mike{at}u-spam-u-die.net>">mailto:mike{at}u-spam-u-die.net">mike{at}u-spam-u-die.net>
=
wrote in=20
  message news:8csqv0dtbp4=
itahvbfe8p059838s3108ed{at}4ax.com...On=20
  Sun, 30 Jan 2005 15:37:50 -0500, "Geo" <georger{at}nls.net>">mailto:georger{at}nls.net">georger{at}nls.net> =
wrote:>You=20
  cannot host .NET web sites where website owners are not trusted=20
  users.>Allowing untrusted users to upload executable code to a=20
  webserver where that>code cannot be strictly limited to just =
their site=20
  is counter to basic>security
practices.   Is =
shared=20
  .NET web hosting inherently unsafe, or is it justmathematically =
impossible=20
  to prove it safe?  .NET is a bit different fromthe stupid =
earlier=20
  Microsoft default security of "it's ok to automaticallyexecute =
activeX=20
  controls as long as they're =
signed".

------=_NextPart_000_0406_01C506EB.703993F0--

--- BBBS/NT v4.01 Flag-5