Why bother with strong names for private gatherings?

Question

Why bother with strong names for private gatherings?

We are building several applications that share assemblies. Since memory or disk space is not an issue, we use private assemblies, duplicating shared assemblies in each local application folder. This avoids problems caused by placing them in the PAC. I have heard that strong names are a very good thing to do if we are building assemblies in the GAC.

Is there a good reason to use strong names for private assemblies?

BTW: Here is a great assembly link: link text

+2

c # assemblies strongname

user183660 03 oct. 09 at 16:49

source to share

3 answers

bobbymcr · Answer 1 · 2009-10-03T16:56:17+0000

I should point out that if you move files directly, you remove any benefits the GAC provides (primarily for versions).

For private collections that are not in the public domain, strong naming is not vital. At best, this can prevent a malicious (non-admin) user from replacing your assembly with an unauthorized version. But again, an administrator can turn off strong name validation and allow such an "attack" relatively easily.

Vadim · Answer 2 · 2009-10-03T16:53:40+0000

If you've emphatically named your assemblies, you're also solving a security issue. When you emphatically name your assembly, you are not allowing anyone to interfere with the assembly or replace it with another.

Robert rossney · Answer 3 · 2009-10-03T19:57:43+0000

Generally speaking, wherever strong names are assigned is useful, it is also required, and vice versa.

0

Robert rossney 03 oct. At 19:57

source to share

Why bother with strong names for private gatherings?

More articles: