Notepad++ ....
-
glennPattonWork3 wrote:
It doesn't generate executables it generates MSIL code
No, it does neither of those things. Visual Studio is an Interactive Development Environment, and as such just manages your projects. All code generation, whether machine or MSIL, is done by the compilers. And straight C/C++ code does not generate MSIL.
Right, a plain vanilla Windows install with .net (since XP?) contains the compilers for C# and VB.net -- Visual Studio is not required. Anyone who knows how to write a bit of such code can produce a .net executable without installing anything else.
-
Right, a plain vanilla Windows install with .net (since XP?) contains the compilers for C# and VB.net -- Visual Studio is not required. Anyone who knows how to write a bit of such code can produce a .net executable without installing anything else.
-
You are assuming IT is worth more than Vis Studio is a "secuirty risk as you can generate executables from it" (I quote) this generated two responses from me Learn the value of spell check, It doesn't generate executables it generates MSIL code which is run by the .NET frame work. :sigh:
glennPattonWork3 wrote:
can generate executables from it
Alternatively, some enterprise whackos are pushing for Python because either: 0) Executables are dangerous and with Python you don't create an executable. or 1) A Python script is the executable, but it's easy to check that it hasn't been altered. In both cases, they like that the script gets deployed directly to the production servers without a build process -- no "executable" in the traditional sense, but it's still an executable. Any other "scripting language" would be the same (e.g. Perl). Of course, how do you know that the script wasn't altered along the way? Or that a bug wasn't "fixed" in production but not checked in? It's the same issue I have with SQL objects such as Procedures, Views, Functions, etc. -- do they really match what we have in version control? Have we checked? As a developer, I prefer traditional languages -- with compilers and "executables" -- when "security" is a factor.
-
PIEBALDconsult wrote:
contains the compilers for C# and VB.net
Well, certainly not on either of our non-dev systems, that I can find. Where would you expect them to be installed?
Assuming at least one version of .net is installed... try
dir /s C:\windows\microsoft.net\Framework\csc.exe C:\windows\microsoft.net\Framework\vbc.exeor C:\windows\System32>where csc.exeC:\Windows\microsoft.net\Framework\v4.0.30319\csc.exe C:\windows\System32>csc.exe /?Microsoft (R) Visual C# Compiler version 4.8.3761.0 for C# 5 (I'm using a rather old Win 8 tablet at the moment.) -
Assuming at least one version of .net is installed... try
dir /s C:\windows\microsoft.net\Framework\csc.exe C:\windows\microsoft.net\Framework\vbc.exeor C:\windows\System32>where csc.exeC:\Windows\microsoft.net\Framework\v4.0.30319\csc.exe C:\windows\System32>csc.exe /?Microsoft (R) Visual C# Compiler version 4.8.3761.0 for C# 5 (I'm using a rather old Win 8 tablet at the moment.) -
You are correct, I was only looking in Program Files and Program Files (x86). Also was not aware of where.
Yeah. A system may have several versions of the compilers installed. More recent versions can compile different versions of the language (I tend to target C# v3).
Microsoft (R) Visual C# Compiler version 4.8.3761.0 for C# 5/langversion:<string> Specify language version mode: ISO-1, ISO-2, 3, 4, 5, or Default -
glennPattonWork3 wrote:
can generate executables from it
Alternatively, some enterprise whackos are pushing for Python because either: 0) Executables are dangerous and with Python you don't create an executable. or 1) A Python script is the executable, but it's easy to check that it hasn't been altered. In both cases, they like that the script gets deployed directly to the production servers without a build process -- no "executable" in the traditional sense, but it's still an executable. Any other "scripting language" would be the same (e.g. Perl). Of course, how do you know that the script wasn't altered along the way? Or that a bug wasn't "fixed" in production but not checked in? It's the same issue I have with SQL objects such as Procedures, Views, Functions, etc. -- do they really match what we have in version control? Have we checked? As a developer, I prefer traditional languages -- with compilers and "executables" -- when "security" is a factor.
Quote:
As a developer, I prefer traditional languages -- with compilers and "executables" -- when "security" is a factor.
You and me agree!
-
glennPattonWork3 wrote:
It doesn't generate executables it generates MSIL code
No, it does neither of those things. Visual Studio is an Interactive Development Environment, and as such just manages your projects. All code generation, whether machine or MSIL, is done by the compilers. And straight C/C++ code does not generate MSIL.
Richard MacCutchan wrote:
Interactive Development Environment
Integrated Development Environment == Bugging and debugging all in one place.
-
Richard MacCutchan wrote:
Interactive Development Environment
Integrated Development Environment == Bugging and debugging all in one place.
-
Hi All, I have a question, as I have used Notepad++ for years. I was told it would be on my current employers list of approved software. Probe further to find out why, turns out its 'Freeware' and as such is insecure. Is this alarmist I haven't heard of any issues, the only thing is our PC are so nailed shut you have to get IT every time it updates...:~ Glenn
Smoke and mirrors security at its best.