►
From YouTube: .NET Design Review: Serialization Guard
Description
We'll review the proposed API surface of the serialization guard:
https://github.com/dotnet/corefx/issues/34555
A
A
A
A
Okay,
so
I
think
we're
just
going
to
separate.
Thank
you.
So
one
possibility
is
that
we
put
a
static
method
somewhere.
That
says
turn
on
or
turn
off,
zeros
a
federal
property
for
this
and
then
so
then
anybody
in
in
the
process
can
make
that
decision
for
the
process.
Christophe
the
things
you're
describing
it
sounds
like
would
be
more
like
we
put
looking
over
load
on
binary
format
or
duck.
You
see
realized
that
says,
would
you
like
to
have
more,
not
have
duty
or
the
serialization
guard
right
now?
A
C
C
A
So
the
sort
of
it
you
know
suggestion
the
sort
of
idea
would
be
that
we
would
actually
like
this
on
my
default
for
par
3,
that's
a
different
decision
for
framework,
but
for
a
core
3
it
seems
like
it
ought
to
be
reasonably
compatible
and
and
helpful
I'm
good
here
you
guys
who
might
want
to
be
able
to
say.
Ok,
I
want
to
not
have
this.
Alright,
you.
D
E
Let's
not
couldn't
talk
about
the
policy,
but
that's
on
off,
because
it's
in
it's
almost
along
to
the
API,
it's
right
like
if
it's
on
like
there's
some
API
should
be
acting
directive.
It's
often
it's
off,
but
like
it's
the
same
API
right.
Well,
whether
it's
host
on
and
always
on,
that
is
reflective.
You
guys.
We
need.
E
It
sounds
true,
you
might
have
an
you,
my
knee
didn't
tape.
You
had
to
turn
it
off,
but
I
would
say
that
let's
table
that
for
it
like
until
we
know
what
the
policy
is,
but
I
think
that,
like
I
think
in
general,
like
if
you,
if
you
accept
the
feature
to
be
on
I,
think
we
should
be
able
to
make
progress
on
the
rest,
but
you
only
have
25
minutes
left
and
I
think
policy
decisions
usually
longer
than
that.
So
the
so
the
distillation
block
the
exception,
I
think,
is
fine.
E
The
only
thing
I
would
suggest
is
like
is
is
buying
from
under
the
only
center
that
we
would.
We
would
check
hole
that
is
shipping
in
box,
or
is
there
any
others
that
be
able
to
check
one
box
because
it
seems
weird
to
use
the
binary
format
is
exceptional
because
then
yeah
you're
compatible
there,
but
you're
not
commit
over
anywhere
else.
What
is
the
right
from
exception
and
say
this
is
not
for
binary
format
or
it's
for
IB.
Do
you
still
I
would
have
once
walked
into.
A
A
A
A
A
A
There
have
been
signs
of
like
some
application
will
not
really
feel
like
making
that
list,
so
they'll
actually
accept
the
list
also
from
from
an
attacker
and
the
exploitable
that
way
this
for
anyone
interested
in
digging
into
this,
there
was
a
good
topic:
black
had
a
couple
years
back
called
Friday
the
13th
and
JSON
JSON
attacks,
okay,
it
sort
of
it
outlines
list.
So
it's
it's,
certainly
not
a
prevalent
problem.
A
You
can
follow
good
and
even
reasonably
sensible
practices
and
be
fine
on
data
contract
format
and
for
all
the
PC
realizes
that
people
just
made
up
themselves
and
similar
problems,
there's
nothing
stopping
them
informativeness.
Once
we
put
it
out
me
from
like
using
API,
you
know
if
they,
you
know
they
would
actually
kind
of
have
to
use
the
API
in
order
to
do
it,
they
can't
really
stop
you
from
starting
a
process
and
without
being
able
to
be
able
to
change
process.
A
D
A
Is
realizing
yeah,
so
I
mean
I?
What
I'll
say
is
the
the
sort
of
general
threat
model
here?
Is
that
code
in
in
a
subpoena
or
in
a
net
port
of
any
sort
app
is,
is
trusted
code,
so
I
wouldn't
expect
that
someone
sort
of
is
expected
to
have
enough
code
execution
to
call
start
the
serialization,
without
otherwise
being
well
outside
of
the
security
boundaries.
So.
A
C
F
H
A
Thing
we
might
have
to
address
from
a
practical
standpoint
on
start,
the
serialization
is
the
serialization
50
sterilization
can
be
and
actually
is,
sometimes
free.
Cursive,
for
example,
I
think
data
set
will
in
its
deserialization,
will
new
open
new
binary
format
and
deserialize,
so
we
actually
have
to
be
capable
of
handling
recursive
deserialization.
A
Now
you
know
it
is
true
that
if
you
were
to
just
sort
of
leak
here,
you're
a
serialization
state
it.
So
all
of
this
is
sort
of
lots
here
thread
in
async
context,
so
you
you've
messed
up
this
thread
in
a
sink
context,
but
you
haven't
like
messed
up.
The
whole
process.
Do.
E
A
E
C
I'm
not
sure,
that's
even
coding
any
other
API.
The
key
thing
we
want
to
block
is
not
random
term
methods
that
there
could
be
bad
things,
but
things
that
we
can
find
a
way
to
be
triggered
to
be
civilization
like
they're
part
of
the
implementation
deserializing.
Sometimes
that's
actually
similar
sure.
E
What
I
think
the
problem
here
is
like
calling
start
derealization
indirectly,
when
the
other
party
base
it
off
early,
correct
and
hit
a
using
block
around.
It
is
not
as
problematic
as
if
you
call
the
API
directly
leak
effectively,
the
distillation
token
or
disabled
basically
have
the
API
is
in
the
permanent
rule.
This
you
add
to
the
oh
yeah.
E
E
C
A
Let
me
talk
about
this
in
a
couple
of
ways,
so
one
is
sort
of
the
the
gadget
target
their
extinction,
so
you're
sort
of
not
even
to
it
a
little
bit
which
is
so
gadgets
are
the
ways
that
we
know
that
you
can
do
bad
things,
and
so
we
just
don't
let
you
do
this
and
that's
sort
of
what
you're
describing
the
bargain.
A
You
just
don't
get
any
more
if
you
try
to
use
a
gnome
gadget
right,
but
the
reason
that
we
have
this
concept
of
targets
is
under
the
assumption
that
number
one
there
might
be
unknown
gadgets
and
number
two.
A
Even
if
we
do
a
perfect
job,
there
may
well
be
gadgets
in
upset
coder
and
third
party
code,
and
so
it
may
still
be
possible
to
get
some
amount
of
control,
and
then
someone
may
still
want
to
parlay
that
into
starting
a
process
or
loading
an
assembly
or
something
like
that,
and
so
that's
the
reason
with
the
blocks.
In
those
things
now.
I
A
All
right
price
targets,
yeah
so
so
sort
of
under
that
threat
model.
Yes,
you,
you
could
perhaps
describe
start
a
civilization
as
a
target,
so
the
threat
there
would
be
denial
of
service.
I
will
say
that
in
particular
with
binary
format.
It's
is
necessarily
true
of
other
sterilizers
that
there
are
other
denial
of
services,
and
this
is
a
remote
code,
execution
mitigation,
but
not
a
denial
of
service
medication,
so
that
would
sort
of
be
a
limited
denial
of
service.
A
A
A
A
E
Well,
that's
what
I'm
saying
I
mean
the
only
differentiation
that
I
can
think
of
is
if
you
could
determine
that,
you
would
directly
call
by
reflection,
because
that's
really
the
only
thing
I
mean
because
if
you're
indirectly
called
then,
while
it's
probably
normal
this
realization,
if
you
directly
copy
somebody,
then
that
seems
bad
like.
Why
would
you
do
that?
E
E
E
A
Being
directly
cold,
as
you
say,
but
reflection
could
be
way
of
the
stack
about
where
to
see
my
vision,
I
mean
basically
the
the
way
we
did
that
when
they
say
it
was
reflection,
had
knowledge
of
these
things.
It
wasn't
supposed
to
do,
and
so
it
would
stop
you
that
might
be
a
nice
core
feature,
but
we
don't
know
it's.
A
We
couldn't
disable
well,
it
certainly
is
doing
your
serialization,
but
I
wouldn't
necessarily
describe
it
as
a
target,
because
it
would
just
be
sort
of
another
way
to
to
get
to
a
message
it
but
like
it
still
had.
The
way
we
think
of
targets
is
a
target.
Is
your
actual
goal
like?
Why
is
it
that
you're
that
you're
building
is
payload?
It's
because
you
want
to
run
your
malware?
So
how
do
you
run
your
mouth,
where
you
do
it
by
loading,
an
assembly
or
something
but
I,
probably
been
gadget,
not
target?
A
Oh,
it's
not
a
gadget
in
that
there's
the
serialized.
It
won't
hurt,
it
I
mean
they
will
use
it
directly.
It's
part
of
the
implementation,
but
it's
not
it's
not
sort
of
an
attacker
control
thing
that
is
being
deserialized,
so
gadget
would
typically
be
a
serializable
object
or
or
a
property
or
constructor,
or
something
like
that
on
something
that
sort
of
goes
off
and
does
work
on
its
own.
That
ends
up
being
attacker,
controlled
right.
F
F
A
So
I
guess
when
I'm
trying
to
describe
it
is
rather
this
silly
lucky
gadget
is
a
type
that
on
deserialization
goes
and
triggers
something.
That's
attacker
control
that
gives
you
more
control
of
the
process,
not
necessarily
full
control
to
process,
but
more
control
of
the
process
than
you
had
before
right.
So
the
cat
would.
F
A
Right
yeah
I
mean
that
well,
so,
first
of
all,
I
do
expect
the
bullets
to
change
over
time.
So,
even
if
I
say
the
wrong
thing
today,
that'll
be
something
that
they
can
correct
for
us.
As
you
know,
experience
with
this
and
research
continues
and
there's
there's
certainly
also
a
practical
aspect
of
this,
which
is
like
the
you
know.
Reflection
is
everywhere
and
certainly
in
in
the
civilization
there's
reflection
everywhere,
so
it's
sort
of
not
practical
to
block
it,
but
all
right,
like
I'm
I'm,
trying
to
look
quickly
at
like
so
accurate
activity.
A
Surrogate
selector
is,
is
an
example
of
the
framework
gadget
I'm,
pretty
sure
we
just
don't
have
an
encore,
but
so
the
the
point
of
activity,
surrogate
selector
is
it
uses
reflection,
but
what
it
uses
reflection
to
do
is
it
will
like
create
an
object
to
any
type
for
you
and
fill
its
fields
in
any.
Does
that
bio
reflection?
But
that's
sort
of
you,
you
can
look
at
as
sort
of
a
whole
as
if
that's
the
gadget,
but
doing
that
isn't
now
where
it's
not.
C
So,
what's
the
what's
the
right
thing
to
do
to
decide
the
policy
right
because
I
mean
normally
the
way
API
review
seem
to
work?
Is
you
walk
out
of
here,
having
marked
it
approved
and
then
anyone
can
in
this
is
like
a
implication
that
it's
ready
to
that?
Isn't
it
you
can
just
implement
a
order
in
the
next
release
before.
E
C
F
Right,
I
think
it's
just
this
sense
of
being
convenience
thing
and
some
want
to
determine
all
this
thing.
Does
it's
one
line
right?
It's
if
deserialization
progress
throw
new
dangerous
deserialization
exception,
but
someone
wanted
to
fail
fast.
They
could
do
50
serialization
in
progress,
environment,
I,
fell,
faster,
ended.
A
Up
reading
the
kinis
method,
because
when
I
had
to
fill
in
a
bunch
of
targets,
I
was
writing
that
same
block
over
and
over
and
over
yeah.
Although
I
suppose
we
could
also
talk
quickly
about
so
there's
a
little
bit
of
difference
between
audience
on
on
start
to
serialization
and
then
the
second
cue.
So
the
first
one
is
you're
a
serial
Iser.
A
What
do
you
want
to
expose
so
close?
Exposing
starkly
serialisation
means
that
a
serial
either
can
say,
hey.
Please
engage
all
of
this
machinery,
the
civilization
in
progress
and
throw
on
dangerous
deserialization
are
four
gadgets
and
targets
to
say
get
me
out
of
here
right
so
making
it
a
public
API
means
that
if
there
were
a
third
party
gadget
or
target
that
wanted
to
protect
itself,
it
could
that
I
don't
have
a
strong
case
for
that
I.
Don't
know.
Oh
it's.
A
C
E
F
Presume
as
well
like
in
processed,
he
talked
about
the
whole
teacher
gets
turned
on
and
then
they're
compact
lines
or
quirks
to
turn
off
individual
things.
So,
presumably
in
process
thoughts
start.
It
won't
use
to
me
throw
on
dangerous
T
sterilization
it'll
say
if
T
serialization
in
progress
and
process
flag
is
true
still
true,
then
throw.
A
Like
a
an
F
context
like
for
the
specific
to
should
restart
processes,
yeah
so
I
think
what
I
did
for
those
kinds
of
things
was.
If
this
app
context
flag
is
set,
then
call
throw
on
dangerous
to
civilization
exception.
It's
obviously
not
that
big
of
a
difference
by
the
time
you
already
have
the
f-block,
then
what.
C
F
A
Don't
have
to
do
that
yeah!
We
could
do
that
if
it
takes
a
string
argument
that
will
hurt
her
for
a
little
bit
right
because
F
context
switches
are
actually
cached,
so
they're
just
like
check
a
static
pool,
so
the
taking
a
string
would
mean
it
has
to
go
like
the
dictionary
lookup
or
something
like
that.
Well,.
A
Mean
you
be
clear:
the
the
implementation
is
all
but
done
in
desktop
at
this
point.
I
think
we've
done
all
that
stuff.
It's
just
like
polishing
off
a
couple,
tiny
things.
So
this
is
based
off
of
having
built
all
of
this
and
that's
doable.
Are
you
gonna
go
back
to
so
that's
checked
in
before
a
your
router?
No
there's
going
to
be
your
and
the
checking
mechanics
but
yeah
it's
it's!
It's
good
to
go
under
as
we
get
it
in
there.
So.
A
A
A
A
E
Depends
on
what
instruction
I,
when
I
looked
at
the
imputation
server
Jeremy
it
look
like
the
the
only
thing
that
the
struct
holds
is
a
reference
to
manage
object,
yeah,
which
should
then
call
the
ring
dispose.
Even
if
you
copy
the
struct
around
at
the
end,
nothing
object
can
only
be
disposed
once
like
there's.
C
C
F
A
E
A
A
F
Thing
I
think
my
back
would
be
if
this
object
is
actually
storing
meaningful
state,
like
you
know
whether
it's
been
disposed
or
not,
and
that
can't
be
pushed
down
into
other
objects
is
creating.
Then
it
makes
sense
to
just
get
rid
of
the
type
and
return
by
disposable.
If
all
this
ends
up
being,
is
you
know
a
wrapper
for
some
other
reference
type,
and
this
dispose
is
just
calling
that
disposed
and
there's
nothing
else.
That's
the
guy
is
doing
then
having
it
be.
A
public
struct
is
probably
there.
F
E
F
E
A
H
F
A
E
E
A
E
I
would
expect
that
is
insane.
I
mean
if
we,
if
we
support
granular
checking
I
would
I
would
expect.
We
would
have
a
throw
helper
move.
The
ability
to
check
for
that
as
well.
Okay
and
then
you'd
have
an
overload
to
throw
of
Ferguson
that
actually,
you
know
LC
to
pass
the
string
or
what
about
the
representation
of
the
of
the
switches
and
then
that
gap
ever
gets
the
right
string.
E
H
E
E
F
F
E
A
E
F
A
E
So
that
would
mean
that
for
internal
purposes
we
have
a
we
have
it
effectively
in
caller,
but
for
public
API
purposes.
We
wouldn't
have
that
right,
so
we
would
have
to
so
in
that
sense,
if
you
want
to
make
this
public,
it
probably
is
better
off
on
civilization
info,
because
that's
already
in
system
runtime.
F
E
A
I
did
know
that,
so
they
are
at
context
which
is
onion
full
frame
or
in
part,
because
we
can't
do
API
work
there
and
I.
A
E
A
You
know
I
have.
This
is
the
API
that
I
have
internally
right
now
there,
so
it
like,
if
you
want
to
throw
with
the
other
string.
Oh
I
see
what
you're
saying
that
was
actually
one
of
the
things
that
I
hadn't
dealt
with
was
like
the
up
stack
thing
that
had
to
call
by
a
reflection,
but
where
I
wasn't
using
reflection,
I
was
just
mooing
up
the
exception
type,
not
using
the
helper
I
see.
E
The
basically
no,
like
you,
basically
know
what
feature
you
your
are,
so
you
check
the
corresponding,
have
contact
switch
and
that
is
set
or
not
set,
and
on
mechanics
you
throw
you,
don't
throw
yeah.
That
makes
it
alright.
So
then,
okay,
so
it
straight
forward,
then
yeah
I
think
the
only
thing
which
about
we
start
with
implementation,
never
work
on
the
core
of
X
and
then,
like
imperil,
you
know,
continue
the
conversation
you
started
with
with
James.
You
know
this
probably
the
first
one
way
it
would
make
sense.
E
A
E
Although,
like
in
his
case,
like
the
way
he's
done
with
the
problem,
the
devildis
in
the
classes,
he
calls
everything
my
reflection
right,
like
I
mean
he
like,
for
example,
he
can
handle
all
the
immutable
collection
times
we
have
and
you
just
discovers
them
by
or
it's
this
type
name
this
one
and
then
okay,
I
call
this
method
over
there.
They
don't
know
and
I
could
say
so
we're
not
going
to
help
the
performance,
but
at
the
same
time
you
can
cash
a
bunch
of
stuff
and
like
they.
E
The
other
interesting
thing
is
that
I,
as
you
said
like
like
in
Jason
I,
think
the
only
case
would
that
would
matter
is
basically
the
one
when
you
actually
have
type
information,
but
everything
else
wouldn't
matter
so
I.
Think
that's
the
other
question
I
do.
Are
we
aware
of
any
other
cylinder
that
has
basically
type
identity
breakage
to
the
payload?
Yes,.
A
A
E
You,
okay,
I,
guess:
Jeremy
has
the
list
as
well
right,
yeah
I
think
that
it
is
instead
of
next
step.
So
then
I
will
consider
this
improve
the
feedback.
With
the
caveat
that
we
have
to
figure
out
like
when
and
how.
But
that
seems
fine
all
right,
then,
if
there
are
more
more
questions,
so
let
me
check
with
anybody
here,
questions
online
but
doesn't
sound
like
it.
We
were
running
about
audio
for
20
minutes
because
there
Trey
only
when
I
set
it
up.