RE: Strong names between exe and dll
From: Shawn Farkas (shawnfa_at_online.microsoft.com)
Date: 03/04/04
- Next message: Shawn Farkas: "RE: Cannot change Code Group's Membership Condition to Strong Name"
- Previous message: Lowell: "RE: Cannot change Code Group's Membership Condition to Strong Name"
- In reply to: SStory: "Strong names between exe and dll"
- Next in thread: SStory: "Re: Strong names between exe and dll"
- Reply: SStory: "Re: Strong names between exe and dll"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 04 Mar 2004 00:56:57 GMT
Hi Shane,
The MSDN paragraph is talking about the scenario where someone else is on top of the call chain, for instance:
Assembly A (3rd party) -> Assembly B (your key) -> Assembly C (your key)
What happens here is that a simple LinkDemand by C will pass, but you may also want to demand a second permission more specific to what
you're doing to ensure that A has the required permissions, since you're not guaranteed that everything on the call stack belongs to you.
The second option in that paragraph is that C does a full demand on the identity permission, which will ensure that everyone on your call stack is
signed with your key (so it won't work in the above diagram).
-Shawn
http://blogs.msdn.com/shawnfa
-- This posting is provided "AS IS" with no warranties, and confers no rights. Note: For the benefit of the community-at-large, all responses to this message are best directed to the newsgroup/thread from which they originated. -------------------- >From: "SStory" <TheStorys@TAKEOUTTHISSPAMBUSTERsofthome.net> >Subject: Strong names between exe and dll >Date: Wed, 3 Mar 2004 10:05:48 -0600 >Lines: 39 >X-Priority: 3 >X-MSMail-Priority: Normal >X-Newsreader: Microsoft Outlook Express 6.00.2800.1158 >X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 >Message-ID: <ebLlgkTAEHA.1608@TK2MSFTNGP11.phx.gbl> >Newsgroups: microsoft.public.dotnet.security >NNTP-Posting-Host: 0-1pool140-111.nas12.nashville1.tn.us.da.qwest.net 65.135.140.111 >Path: cpmsftngxa06.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP11.phx.gbl >Xref: cpmsftngxa06.phx.gbl microsoft.public.dotnet.security:5222 >X-Tomcat-NG: microsoft.public.dotnet.security > >Found this on the web > >Depending on the nature of the functionality provided by your class, you may >need to demand another permission to authorize the calling code in addition >to using the identity-based link demand. Alternatively, you can consider >using a full demand in conjunction with the StrongNameIdentityPermission, >although this assumes that all code in the call stack is strong name signed >using the same private key. >(found at >http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/THCMCh08.asp?frame=true#c08618429_005 ) > >Tell me. > >If I have an exe that is mine and a dll that is mine, both strongname signed >with same key, but the dll references other third part dll's > >will this work or does the above paragraph mean it won't > >I see it like this. > >myexe (signed by mykey) calls mydll(signed by mykey) > >So myexe should be able to call my dll with the strongnameidentitypermssion > >And my dll should be able to call what it needs because the strongname >identitypermission is just between my two assemblies. > >Is this correct or incorrect? > >What will happenif I recompile the dll and resign it with the same >strongname? >Will it still work? > >Thanks, > >Shane > > > >
- Next message: Shawn Farkas: "RE: Cannot change Code Group's Membership Condition to Strong Name"
- Previous message: Lowell: "RE: Cannot change Code Group's Membership Condition to Strong Name"
- In reply to: SStory: "Strong names between exe and dll"
- Next in thread: SStory: "Re: Strong names between exe and dll"
- Reply: SStory: "Re: Strong names between exe and dll"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
