Re: Strong names ....
From: Rahul Kumar (rahul.kumar.remove_it_at_sage.remove_it.com)
Date: 11/17/04
- Next message: nitesh: "Re: webservice problem system.net.webexception"
- Previous message: Alexander Herrmann via .NET 247: "check nt file/folder permission"
- In reply to: Leonardo D'Ippolito: "Strong names ...."
- Next in thread: Michael Willers: "Re: Strong names ...."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 17 Nov 2004 09:51:30 -0000
Leaonardo
There are several things going on here.
I assume you have signed both your assemblies (the exe and the dll) with
your strong name.
Someone would have to remove the strong name from your dll to change the
code. But he won't be able to sign it back again with the same strong name
(unless your private key has been compromised). Suppose, he can't sign it
with your strong name, your exe could stop referencing the changed dll
because the dll's public key token in the exe's manifest would be different
from the changed token. However, nothing stops the same person to unsign and
again sign your exe with his own strong name. This way, your application
would execute and do what ever the hacker has planned it to do.
Please follow up with more readings from these threads:
news:Og29K9TpEHA.2684@TK2MSFTNGP11.phx.gbl...
news:#sjbVS1yEHA.3624@TK2MSFTNGP09.phx.gbl...
-- Rahul Kumar http://dotnetyogi.blogspot.com This message is provided "AS IS" with no warranties, and confers no rights. Any opinions or policies stated within it are my own and do not necessarily constitute those of my employer. "Leonardo D'Ippolito" <leodippolito@terra.com.br> wrote in message news:uZ5I8iHzEHA.4028@TK2MSFTNGP15.phx.gbl... > Hello sirs, > > I am trying to understand how strong names work. > > Suppose I have lib.dll (a .net library), and also MyApplication.exe (a .NET > WinApp) . MyApplication uses lib.dll . Suppose someone decompiles lib.dll > and replaces code parts, and then recompiles again. When MyApplication.exe > will load lib.dll the next time, will it detect that it is a different dll > if they have strong names? > > How can I implement this procedure? If someone can give me an example I > would appreciate! > > Thanks a lot! > >
- Next message: nitesh: "Re: webservice problem system.net.webexception"
- Previous message: Alexander Herrmann via .NET 247: "check nt file/folder permission"
- In reply to: Leonardo D'Ippolito: "Strong names ...."
- Next in thread: Michael Willers: "Re: Strong names ...."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
