Re: HOWTO: Prevent Dynamic Loading of internal Types



Delete the sentence about the factory pattern - thats nonsense.

But the rest?

Henning

"Henning Krause [MVP]" <newsgroups.remove@xxxxxxxxxxxxxxxxx> wrote in
message news:uO$Uv%23dJGHA.3408@xxxxxxxxxxxxxxxxxxxxxxx
> Hello Dominick,
>
> what about this code placed in each constructor in the internal class:
> using (Stream stream = File.OpenRead("publickey.txt"))
> {
> buffer = new byte[stream.Length];
> stream.Read(buffer, 0, buffer.Length);
> }
> condition = new StrongNameMembershipCondition(new
> StrongNamePublicKeyBlob(buffer), null, null);
> if (!condition.Check(Assembly.GetEntryAssembly().Evidence))
> {
> throw new Exception("invalid caller");
> }
>
> The public key token should be read from a resource of the current
> assembly, or with a call to
> Assembly.GetExecutingAssembly().GetName().GetPublicKey().
>
> This also works in full trust, but only if the method is executed from an
> assembly not signed with the specified public key. A call chain of
> correctly signed assembly --> invalid signed assembly --> protected
> assembly
> will not be protected.
>
> Despite the performance penalty at the creation of each instance I don't
> see any caveeats here - and the performance problem could be cirumvented
> with a factory pattern.
>
> Any thoughts on this?
>
> Greetings,
> Henning Krause
>
>
>
> "Dominick Baier [DevelopMentor]" <dbaier@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
> wrote in message news:4580be63195cf08c7f3f7910f6427@xxxxxxxxxxxxxxxxxxxxx
>> Hi,
>> this only works in partial trust and is a 1:1 relationship (=does not
>> scale).
>>
>> There is no way to restrict fully trusted callers in .NET - and this is
>> not different to any other prog languages/execution environments - it is
>> just very easy with .NET.
>>
>> ---------------------------------------
>> Dominick Baier - DevelopMentor
>> http://www.leastprivilege.com
>>
>>> Hello,
>>>
>>> you cannot prevent the loading of the assembly, but you could sign all
>>> your code with a strong name and put a StrongNameIdentityPermission
>>> linkdemand on every method you want to protect.
>>>
>>> Greetings,
>>> Henning Krause
>>> "Michael Primeaux" <mjprimeaux@xxxxxxxxxxxxxx> wrote in message
>>> news:O4O5ASCJGHA.424@xxxxxxxxxxxxxxxxxxxxxxx
>>>
>>>> How can I prevent someone from dynamically loading an internal type
>>>> from my assembly?
>>>>
>>>> Kindest Regards,
>>>> Michael Primeaux
>>
>>
>
>


.