为什么不能强命名程序集使用未签名的程序集？ [英] Why can't strongly named assemblies use assemblies that aren't signed?

问题描述

要签署一份组件A，你必须确保所有程序集B，C，D所使用的A的签名，然后所使用的B，C，D，等所有程序集。我不明白什么是这样做的安全利益。我认为它应该prevent篡改，但组件A允许打开的任何文件，而这些可以被篡改。这同样适用于外部网络服务器。

To sign an assembly A you have to make sure all assemblies B, C, D that are used by A are signed, and then all assemblies that are used by B, C, D, and so on. I don't understand what's the security benefit of this. I think it's supposed to prevent tampering, but assembly A is allowed to open any file, and these can be tampered. The same goes for an external webserver.

此外，它太容易签署与你公开一个.snk文件汇编，回避的要求。

Also, it's too easy to sign an assembly with a .snk file that you make public, sidestepping the requirement.

推荐答案

的一点是，否则，你可以用不同的（破解）更换总成B / C / D和A将不会注意到;它会加载它们，并执行code。凭借雄厚的命名，你不能没有要么重新签署砍死B / C / D使用相同的密钥，或通过黑客手段做到这一点。

The point is that otherwise you could replace assembly B/C/D with a different (hacked) one, and A would never notice; it would load them and execute the code. With strong naming, you can't do this without either re-signing the hacked B/C/D with the same key, or by hacking A.

这篇关于为什么不能强命名程序集使用未签名的程序集？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！