Why bar() is more secure than foo()

Joe Duffy has an interesting article on secure exception handling (which I will call "why bar() is more secure than foo()". That is, of course, an oversimplification to avoid spoilers to the real article. :-)

void foo()

{

// Impersonate

try

{

// something causes an exception...

}

finally

{

// revert impersonation

}

void bar()

{

// Impersonate

try

{

// something causes an exception...

}

catch

{

// revert impersonation

throw;

}

finally

{

// revert impersonation

}

posted on Friday, January 14, 2005 12:13 PM

Feedback

No comments posted yet.

My Links

Home
Contact
Syndication
Login

Blog Stats

Posts - 359
Stories - 12
Comments - 167
Trackbacks - 189

Article Categories

Articles

Archives

November, 2007 (1)
October, 2007 (2)
February, 2007 (3)
December, 2006 (4)
November, 2006 (1)
October, 2006 (3)
September, 2006 (1)
August, 2006 (4)
July, 2006 (3)
June, 2006 (4)
May, 2006 (6)
March, 2006 (5)
February, 2006 (11)
January, 2006 (26)
December, 2005 (16)
November, 2005 (8)
October, 2005 (19)
September, 2005 (19)
August, 2005 (17)
July, 2005 (15)
June, 2005 (6)
May, 2005 (9)
April, 2005 (5)
March, 2005 (14)
February, 2005 (9)
January, 2005 (17)
December, 2004 (15)
November, 2004 (12)
October, 2004 (9)
September, 2004 (10)
August, 2004 (14)
July, 2004 (12)
June, 2004 (8)
May, 2004 (6)
April, 2004 (7)
March, 2004 (13)
February, 2004 (14)
January, 2004 (11)

Image Galleries

My 67 Camaro SS

.NET Development

.NET Architecture Center
.NET Junkies
ASP.NET
Chris Sells Blog (RSS)
Dan Appleman
Don Box Spoutlet (RSS)
Google (best ever!)
GotDotNet
Ingo Rammer
Ingo Rammer's Blog (RSS)
Joel on Software
Visual Studio Magazine

About Sean Chase

Resume

Companies

Ultra Entertainment
Unboxed Solutions, Inc.
Wonder Interactive

Disclaimer

Disclaimer

Interviewing at Microsoft

Chris Sells Infamous List
My Questions

IT News

DotNetSlackers
Microsoft Watch