<grin> That's why I said keep honest people honest. I maintain that 99% of users don't even bother, and 90% of that last 01% will give up when they see they cannot immediately use it 'out of the box'. Of course that leaves that .01% of people that will find a way.
How important is it to protect the software against those .01% of users and is it worth the TCO to protect it. Not saying it isn't worth it, I just always ask how 'worth it' is it for the required cost. Although it doesn't sound like your option is much more 'costly' than anything else...so nevermind. > -----Original Message----- > From: Jason Bock [mailto:[EMAIL PROTECTED]] > Sent: Monday, April 22, 2002 2:36 PM > To: [EMAIL PROTECTED] > Subject: Re: [DOTNET] Howto secure class libraries > > >On Mon, 22 Apr 2002 14:26:15 -0400, Joe Reich > ><[EMAIL PROTECTED]> wrote: > > > >Create each class with a password as part of > >the constructor? > > > >Really, you're only trying to keep the honest > >people honest here, right? > >How super effective does this have to be..? > > That's too easy to break via ILDasm (assuming that > the client has that installed, but all it would take > is one clever user :) ). I think if Peter strong-named > the EXE and then did a LinkDemand in the DLL on that > strong-name that should be enough. Assuming that the > private key is kept secure on Peter's box (or whatever > box builds are done on, etc.), no other client should > be able to access the DLL except the EXE. > > Regards, > Jason > You can read messages from the DOTNET archive, unsubscribe from DOTNET, or subscribe to other DevelopMentor lists at http://discuss.develop.com.
