Securing .NET Assemblies

Thread view:

Enable EMail Alerts

Start New Thread

Thread rating:

sendhil.an@gmail.com - 25 Aug 2005 21:19 GMT

Hi,
I have a .NET assembly (a dll which has a strong name). It has two
classes. This dll is used in more than one application.

When the applications are distributed, the dll is also available for
anybody. I want to secure the assembly(dll), so that the class in the
assembly is inaccesible to the users.

I tried using LinkDemand in the dll.
[StrongNameIdentityPermission(SecurityAction.LinkDemand,
PublicKey = "")]

The problem with that is, iam not able to use the dll myself. I get
the following errror when instatiating a class in the dll. How do i get
access to the class but not others?

Error:
An unhandled exception of type 'System.Security.SecurityException'
occurred in Unknown Module.

Additional information: Request for the permission of type
System.Security.Permissions.StrongNameIdentityPermission, mscorlib,
Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
failed.

Thanks
sendhil

Reply to this Message

Dominick Baier [DevelopMentor] - 25 Aug 2005 22:49 GMT

Hello sendhil,

is the PublicKey really empty in your code??

besides that - LinkDemands will only guard against partially trusted clients.
A full trusted client can alway assert the required permission. In .NET 2.0
they are not even checked for fully trusted callers.

---------------------------------------
Dominick Baier - DevelopMentor
http://www.leastprivilege.com

> Hi,
> I have a .NET assembly (a dll which has a strong name). It has two
[quoted text clipped - 20 lines]
> Thanks
> sendhil

Reply to this Message

Securing .NET Assemblies

Free Magazines