Does reflection break the idea of private methods, because private methods can be accessed outside of the class?


Question

Does reflection break the idea of private methods? Because private methods can be accessed from outside of the class? (Maybe I don't understand the meaning of reflection or am missing something else; please tell me.) http://en.wikipedia.org/wiki/Reflection_%28computer_science%29

If reflection breaks the idea of private methods, do we use private methods only for program logic and not for program security?

Thanks

Answer

"do we use private methods only for program logic and not for program security?"

It is not clear what you mean by "program security". Security cannot be discussed in a vacuum; what resources are you thinking of protecting against what threats?

The CLR code access security system is intended to protect resources of user data from the threat of hostile partially trusted code running on the user's machine.

The relationship between reflection, access control and security in the CLR is therefore complicated. Briefly and not entirely accurately, the rules are these:

  • Full trust means full trust. Fully trusted code can access every single bit of memory in the process. That includes private fields.

  • The ability to reflect on privates in partial trust is controlled by a permission; if it is not granted then partial trust code may not do reflection on privates.

See http://blogs.msdn.com/b/shawnfa/archive/2006/09/29/777047.aspx for details.

  • The desktop CLR supports a mode called "restricted skip visibility" in which the rules for how reflection and the security system interact are slightly different. Basically, partially trusted code that has the right to use private reflection may access a private field via reflection if the partially trusted code is accessing a private field from a type that comes from an assembly with equal or less trust.

See http://blogs.msdn.com/b/shawnfa/archive/2006/10/05/using-lightweight-codegen-from-partial-trust.aspx for details.

The executive summary is: you can lock partially trusted code down sufficiently that it is not able to use reflection to look at private stuff. You cannot lock down full trust code; that's why it's called "full trust". If you want to restrict it, then don't trust it.

So: does making a field private protect it from the threat of low trust code attempting to read it, and thereby steal the user's data? Yes. Does it protect it from the threat of high trust code reading it? No. If the code is both trusted by the user and hostile to the user, then the user has a big problem. They should not have trusted that code.

Note that, for example, making a field private does not protect a secret in your code from a user who has your code and is hostile to you. The security system protects good users from evil code. It doesn't protect good code from evil users. If you want to make something private to keep it from a user, then you are on a fool's errand. If you want to make it private to keep a secret from evil hackers who have lured the user into running hostile low-trust code, then that is a good technique.
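The following is an added example, not code from the question or the answer above, showing the first rule in practice: in a normal (fully trusted) .NET process, code outside a class reads that class's private field and calls its private method through System.Reflection, and nothing about the `private` keyword stops it. The `Vault` type, its members and the placeholder key string are made up for the demonstration. The `catch` branch documents the partial-trust failure mode on the desktop CLR, where the same calls throw a `FieldAccessException`/`MethodAccessException` unless the sandboxed code holds `ReflectionPermission` with `MemberAccess` (or `RestrictedMemberAccess` against an assembly of equal or lower trust).

```csharp
using System;
using System.Reflection;

// Added example for this page; not the original author's code.
// The Vault type and the key value are constructed for the demo.
public sealed class Vault
{
    // "private" is an access rule enforced by the compiler and the CLR
    // for ordinary member access; it is not a secrecy boundary.
    private readonly string apiKey = "sk-example-not-a-real-key";

    private bool Unlock(string code) => code == "1234";
}

public static class ReflectionDemo
{
    private const BindingFlags PrivateInstance =
        BindingFlags.Instance | BindingFlags.NonPublic;

    // Reads Vault.apiKey from outside the Vault class.
    public static string ReadPrivateField(Vault v)
    {
        FieldInfo f = typeof(Vault).GetField("apiKey", PrivateInstance)
            ?? throw new MissingFieldException("apiKey");
        return (string)f.GetValue(v);
    }

    // Invokes Vault.Unlock from outside the Vault class.
    public static bool CallPrivateMethod(Vault v, string code)
    {
        MethodInfo m = typeof(Vault).GetMethod("Unlock", PrivateInstance)
            ?? throw new MissingMethodException("Unlock");
        return (bool)m.Invoke(v, new object[] { code });
    }

    public static void Main()
    {
        var v = new Vault();
        try
        {
            // Full trust: both succeed, so a secret stored in a private
            // field is readable by anyone who can run code in this process.
            Console.WriteLine(ReadPrivateField(v));
            Console.WriteLine(CallPrivateMethod(v, "1234"));
        }
        catch (MemberAccessException ex)
        {
            // Desktop CLR, partial trust without ReflectionPermission
            // (MemberAccess / RestrictedMemberAccess): FieldAccessException or
            // MethodAccessException, both subclasses of MemberAccessException.
            Console.WriteLine("Reflection on private member denied: " + ex.GetType().Name);
        }
    }
}
```

Two practical caveats follow from this. First, the `catch` branch is only reachable under the .NET Framework code access security sandbox; .NET Core and .NET 5+ do not implement CAS, so every assembly is effectively full trust and the reflection calls always succeed. Second, reflection is only the most convenient route: anyone holding the assembly can also decompile it or read process memory, which is the answer's point that `private` never protects a secret from the user who runs the code.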
