Re: Does .NET detect alterations to an assembly?
From: Michel Gallant (MVP) (neutron@istar.ca)
Date: 02/14/03
- Next message: Joe Kaplan: "Re: folder permissions and NTFS"
- Previous message: Shawn Farkas [MS]: "Re: Does .NET detect alterations to an assembly?"
- In reply to: Shawn Farkas [MS]: "Re: Does .NET detect alterations to an assembly?"
- Next in thread: David Thom: "Re: Does .NET detect alterations to an assembly?"
- Reply: David Thom: "Re: Does .NET detect alterations to an assembly?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 14 Feb 2003 14:14:07 -0500 From: "Michel Gallant (MVP)" <neutron@istar.ca>
"The common language runtime also performs a hash verification; the assembly
manifest contains a list of all files that make up the assembly, including a hash
of each file as it existed when the manifest was built. As each file is loaded,
its contents are hashed and compared with the hash value stored in the manifest.
If the two hashes do not match, the assembly fails to load. "
- Mitch
"Shawn Farkas [MS]" wrote:
> David,
>
> If you sign your assembly, then the framework will detect if it has been
> tampered with, and refuse to load it.
>
> -Shawn
>
> --
> This posting is provided "AS IS" with no warranties, and confers no rights.
> Please do not send email directly to this alias, this alias is for newsgroup
> purposes only.
>
> "David Thom" <davidt@npsinc.com> wrote in message
> news:uk8oMSD1CHA.1644@TK2MSFTNGP12...
> > If an assembly were altered - say, with a hex editor - does .NET detect
> the
> > alteration?
> >
> > If, for example, we embed a string value in a .NET assembly, can it be
> > changed by a hacker? (we don't care if it can be viewed, we just don't
> want
> > it to be changed).
> >
> > I seem to recall that .NET assemblies have a "hash count/code" to protect
> > against this. But I don't know if that "feature" requires code signing or
> > some other overt action on the developer's/deployer's part in order to
> > activate it.
> >
> > If I simply create a .NET assembly and do nothing else, is it protected
> > against modification? Or should I say, will the alteration at least be
> > detected?
> >
> > Thanks!
> >
> > David Thom
> >
> >
> >
> >
- Next message: Joe Kaplan: "Re: folder permissions and NTFS"
- Previous message: Shawn Farkas [MS]: "Re: Does .NET detect alterations to an assembly?"
- In reply to: Shawn Farkas [MS]: "Re: Does .NET detect alterations to an assembly?"
- Next in thread: David Thom: "Re: Does .NET detect alterations to an assembly?"
- Reply: David Thom: "Re: Does .NET detect alterations to an assembly?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
