Does reflection break the idea of private methods, because private methods can be accessed outside of the class?


Problem description


Does reflection break the idea of private methods? Because private methods can be accessed from outside of the class? (Maybe I don't understand the meaning of reflection or miss something else, please tell me) http://en.wikipedia.org/wiki/Reflection_%28computer_science%29

Edit: If reflection breaks the idea of private methods - do we use private methods only for program logic and not for program security?

Thanks

Solution

do we use private methods only for program logic and not for program security?

It is not clear what you mean by "program security". Security cannot be discussed in a vacuum; what resources are you thinking of protecting against what threats?

The CLR code access security system is intended to protect resources of user data from the threat of hostile partially trusted code running on the user's machine.

The relationship between reflection, access control and security in the CLR is therefore complicated. Briefly and not entirely accurately, the rules are these:

  • Full trust means full trust. Fully trusted code can access every single bit of memory in the process. That includes private fields.

  • The ability to reflect on privates in partial trust is controlled by a permission; if it is not granted then partial trust code may not do reflection on privates.

See http://blogs.msdn.com/b/shawnfa/archive/2006/09/29/777047.aspx for details.

  • The desktop CLR supports a mode called "restricted skip visibility" in which the rules for how reflection and the security system interact are slightly different. Basically, partially trusted code that has the right to use private reflection may access a private field via reflection if the partially trusted code is accessing a private field from a type that comes from an assembly with equal or less trust.

See http://blogs.msdn.com/b/shawnfa/archive/2006/10/05/using-lightweight-codegen-from-partial-trust.aspx for details.

The executive summary is: you can lock partially trusted code down sufficiently that it is not able to use reflection to look at private stuff. You cannot lock down full trust code; that's why it's called "full trust". If you want to restrict it then don't trust it.

So: does making a field private protect it from the threat of low trust code attempting to read it, and thereby steal user's data? Yes. Does it protect it from the threat of high trust code reading it? No. If the code is both trusted by the user and hostile to the user then the user has a big problem. They should not have trusted that code.

Note that for example, making a field private does not protect a secret in your code from a user who has your code and is hostile to you. The security system protects good users from evil code. It doesn't protect good code from evil users. If you want to make something private to keep it from a user then you are on a fool's errand. If you want to make it private to keep a secret from evil hackers who have lured the user into running hostile low-trust code then that is a good technique.
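The following is an added example, not part of the original answer: it runs the same private-field read in full trust, in a sandbox without the reflection permission, and in a sandbox that was granted it. It assumes the .NET Framework 4.x desktop CLR (code access security sandboxing is not available on .NET Core or .NET 5+); `Account`, `Probe` and `Demo` are hypothetical names.

```csharp
using System;
using System.Reflection;
using System.Security;
using System.Security.Permissions;

public class Account { private string secret = "constructed-sample-value"; }

// Hypothetical probe; MarshalByRefObject lets the host call it inside the sandbox.
public class Probe : MarshalByRefObject
{
    public string TryReadPrivate()
    {
        try
        {
            FieldInfo f = typeof(Account).GetField("secret",
                BindingFlags.Instance | BindingFlags.NonPublic);
            return "read: " + f.GetValue(new Account());
        }
        catch (Exception e) { return "blocked: " + e.GetType().Name; }
    }
}

public static class Demo
{
    // Builds a partial-trust AppDomain whose grant set optionally includes private reflection.
    static string RunInSandbox(bool grantMemberAccess)
    {
        var grant = new PermissionSet(PermissionState.None);
        grant.AddPermission(new SecurityPermission(SecurityPermissionFlag.Execution));
        if (grantMemberAccess)
            grant.AddPermission(new ReflectionPermission(ReflectionPermissionFlag.MemberAccess));

        var setup = new AppDomainSetup { ApplicationBase = AppDomain.CurrentDomain.BaseDirectory };
        AppDomain sandbox = AppDomain.CreateDomain("sandbox", null, setup, grant);
        try
        {
            var probe = (Probe)sandbox.CreateInstanceAndUnwrap(
                typeof(Probe).Assembly.FullName, typeof(Probe).FullName);
            return probe.TryReadPrivate();
        }
        finally { AppDomain.Unload(sandbox); }
    }

    public static void Main()
    {
        Console.WriteLine("full trust:             " + new Probe().TryReadPrivate());
        Console.WriteLine("sandbox, no permission: " + RunInSandbox(false));
        Console.WriteLine("sandbox, MemberAccess:  " + RunInSandbox(true));
    }
}
```

The grant set passed to `AppDomain.CreateDomain` is the control point: leaving `ReflectionPermissionFlag.MemberAccess` out of it is what keeps partially trusted code away from private members.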
