G
Guest
VS 2k5, .NET v2.0.50727
I'm working on a system that can use plugins via loading DLL's into an
appdomain. I'm trying to nail down security as tight as possible. To do
this, I've created a testbed with plugins that do bad things (violate code
access security, throw exceptions, etc). Part of my security requirements is
that all plugins be signed (i.e., have strong names). I'm concerned with
signing all these different plugins during the debug/testing phase. I need
to sign them to test them fully, but I don't want them in the GAC. I've
given them static version numbers, so I hopefully won't have fifteen hundred
different versions of the DLL's in the GAC. Is that enough? Are there any
other considerations when doing the edit-compile-sign-debug-repeat process?
TIA.
I'm working on a system that can use plugins via loading DLL's into an
appdomain. I'm trying to nail down security as tight as possible. To do
this, I've created a testbed with plugins that do bad things (violate code
access security, throw exceptions, etc). Part of my security requirements is
that all plugins be signed (i.e., have strong names). I'm concerned with
signing all these different plugins during the debug/testing phase. I need
to sign them to test them fully, but I don't want them in the GAC. I've
given them static version numbers, so I hopefully won't have fifteen hundred
different versions of the DLL's in the GAC. Is that enough? Are there any
other considerations when doing the edit-compile-sign-debug-repeat process?
TIA.