method call only from "allowed" assemblies

  • Thread starter Thread starter Bamse
  • Start date Start date
B

Bamse

Hi,
I was thinking of a "security concept" (- although it may already exist in
the .NET Framework): to allow only some assemblies to call a method form
another assembly...
something like... a public method can be called by another assembly within
an application but also by anyone from outside;
this mechanism would check at method level/above method level who is calling
and allow/disallow the call.

Is this already implemented in .NET Framework?

I would greatly appreciate some feedback on how this may be implemented
(using StackTrace maybe)...

Thank you,
Daniel
 
I'll check that but...that would work on the general case, where all calling
assemblies might be signed;
in my case I have signed and unsigned assemblies that call the method(s).

I was thinking more of checking the calling assembly's identity and if it's
mine
(or one that I set "allowed") to go and execute the call, otherwize throw an
exception
 
How can you tell that the calling assembly is one of your assemblies if the
assemblies do not have a strong name? By giving your assemblies a strong
name you know for sure that the assembly has been created by you (as long as
no one steals your key-pair file). StrongNameIdentityPermission(Attribute)
was designed with your case in mind.

Regards, Jakob.
http://www.dotninjas.dk
 
Back
Top