We want to ensure that our DLLs on client PCs can only be called by our
EXE.
We must protect these DLLs because they access WebServices (we plan to use
certificate mapping and create the certificate using
X509Certificate.CreateFromSignedFile("MyDll.dll")) and an SQL Server (we
hardcode uer/pwd or impersonate a domain user).
Some of the client PCs may not be safe (e.g. running Win98 with endusers
having all rights).
1.
I thought of using a declarative link demand using
PublisherIdentityPermission but could not figure out how to do this.
Could someone please supply a code sample for this?
2.
The documentation under
ms-help://MS.VSCC/MS.MSDNVS/cpguide/html/cpconmakingsecuritydemands.htm
says, it is not safe to deny access based on demanding that callers have a
particular identity permission.
What else could we do to protect the DLLs? create a custom permission?
You can read messages from the DOTNET archive, unsubscribe from DOTNET, or
subscribe to other DevelopMentor lists at http://discuss.develop.com.
