Security aspects of storing WCF binding in configuration file -


i'm curious whether there can security concern regarding storing wcf binding information in configuration file instead of configuring code? i'm thinking of cases when server hosting wcf service gets compromised, attacker can change service's configuration use less secure binding, hence gaining access otherwise forbidden data.


Comments

Popular posts from this blog

serialization - Convert Any type in scala to Array[Byte] and back -

Slow performance first queries on SQL Azure -

Java Entity Manager - JSON reader was expecting a value but found 'db' -