Signed DLLs

  • Thread starter Thread starter usenet
  • Start date Start date
U

usenet

I have a DLL which is not in the GAC, but it is signed. What I want to
know is whether somebody could replace my DLL with one of their own
which has the same classes, properties etc. and in every way had an
identical signature but was not signed by me. Would software which used
my DLL still work with the fake DLL? If so would this also be the case
if the DLL were placed in the GAC?

Thanks
 
I have a DLL which is not in the GAC, but it is signed. What I want to
know is whether somebody could replace my DLL with one of their own
which has the same classes, properties etc. and in every way had an
identical signature but was not signed by me. Would software which used
my DLL still work with the fake DLL?
Click to expand...

No. It's signing, not GAC-ing that guarantees that assemblies referencing
your assembly will only load the authentic .dll.



Users can be sure that a version of the assembly they are loading comes from
the same publisher that created the version the application was built with.

Strong names provide a strong integrity check. Passing the .NET Framework
security checks guarantees that the contents of the assembly have not been
changed since it was built.

http://msdn.microsoft.com/library/d.../cpguide/html/cpconStrong-NamedAssemblies.asp

David
 
Back
Top