Windows Forms .NET中的强命名程序集
[英]Strong named assemblies in Windows Forms .NET
问题描述
OK, I've read every question here about strong named assemblies and just want to clarify something. 
好的,我在这里阅读了有关强命名程序集的所有问题,只想澄清一些问题。
First though, from what I've read, GAC aside, strong named assemblies prevent a malicious third party changing and impersonating your code. 不过,首先,从我读过的内容来看,除了GAC之外,强大的命名程序集还可以防止恶意的第三方更改和模拟您的代码。 It'd be great to have some links to some real world examples of this kind of spoofing that happened pre strong named assemblies. 能够链接到一些在强命名程序集之前发生的这种欺骗的真实示例,将是很棒的。
If security or the GAC are not a concern, it seems that it's still advisable to strong name assemblies because: 如果不考虑安全性或GAC,似乎仍然建议使用强名称集,因为:
Clients who have strong named assemblies can only reference your assemblies if they are signed.
具有强命名程序集的客户端只有在签名后才能引用您的程序集。 Clients who do not have strong named assemblies can reference your assembly whether it's signed or not.
没有强命名程序集的客户可以引用您的程序集,无论该程序集是否已签名。
Is that a fair analysis? 这是公平的分析吗?
1 个解决方案
解决方案1
1 2010-02-01 17:38:02
Warning 警告
Strong name does not prevent assemblies to be tampered with. 强名并不能防止程序集被篡改。 You can manipulate a signed assembly and resign it with a new strong name. 您可以操纵已签名的程序集,然后使用新的强名称将其辞职。
However, like any public key signature system, you need the private key to sign the tampered version without changing its strong name . 但是,就像任何公共密钥签名系统一样,您需要私钥来对被篡改的版本进行签名, 而不更改其强名 。
Consequently, strong name is not a secure method to make sure someone can't change your code or circumvent your licensing mechanism or anything like that. 因此,强名并不是确保某人无法更改您的代码或规避您的许可机制之类的安全方法。
Related post: Can strong naming an assembly be used to verify the assembly author? 相关文章:是否可以使用强命名程序集来验证程序集作者?
Yes, strong named assemblies can only reference strong named assemblies. 是的,强命名程序集只能引用强命名程序集。 Assemblies without strong name can reference all assemblies. 没有强名称的程序集可以引用所有程序集。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.