Re: Protecting code
From: Richard Grimes [MVP] (read)
Date: 08/13/03
- Next message: Christoph Schittko [MVP]: "Signed Controls in IE with FullTrust only?"
- Previous message: Shel Blauman [MSFT]: "Re: Using SecurityManager"
- In reply to: Sky Fly: "Protecting code"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 13 Aug 2003 21:00:13 +0100
Sky Fly wrote:
> Hi,
>
> I know that when an .NET exe is run, the CLR loads
> the exe (along with dependent assemblies),
> compiles them to native code then runs the code.
No. Code is JIT compiled on a method by method basis. The *first* time a
method is called it is JIT compiled and the native code is cached in memory.
After that, when the same method is called the cached native code is used.
This means that if a method is not called, it is not JIT compiled.
> Assuming the assemblies are loaded from a remote
> inaccessible location, is it possible that during
> any of the stages of loading the exe into memory,
> a person with malicious intent could attach a
> debugger and serialise the exe and assemblies
> to disk so that she can disassemble/decompile them?
When the library is downloaded it is stored in the Downloads folder, so that
on future runs it is not downloaded again. If you use the command console
you can locate the actual folder where the assembly is stored and
disassemble it.
Richard
-- my email evpuneqt@zicf.bet is encrypted with ROT13 (www.rot13.org)
- Next message: Christoph Schittko [MVP]: "Signed Controls in IE with FullTrust only?"
- Previous message: Shel Blauman [MSFT]: "Re: Using SecurityManager"
- In reply to: Sky Fly: "Protecting code"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
