C# .Net 动态插件加载授权
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/14359/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
.Net Dynamic Plugin Loading with Authority
提问by DAC
What recommendations can you give for a system which must do the following:
对于必须执行以下操作的系统,您可以提供哪些建议:
Load Plugins (and eventually execute them) but have 2 methods of loading these plugins:
加载插件(并最终执行它们)但有两种加载这些插件的方法:
- Load only authorized plugins (developed by the owner of the software)
- Load all plugins
- 仅加载授权插件(由软件所有者开发)
- 加载所有插件
And we need to be reasonably secure that the authorized plugins are the real deal (unmodified). However all plugins must be in seperate assemblies. I've been looking at using strong named assemblies for the plugins, with the public key stored in the loader application, but to me this seems too easy to modify the public key within the loader application (if the user was so inclined) regardless of any obfuscation of the loader application. Any more secure ideas?
我们需要合理确保授权插件是真实的(未经修改)。但是,所有插件都必须在单独的程序集中。我一直在考虑为插件使用强命名程序集,公钥存储在加载程序应用程序中,但对我来说,在加载程序应用程序中修改公钥似乎太容易了(如果用户如此倾向),不管加载器应用程序的任何混淆。有没有更安全的想法?
采纳答案by Leon Bambrick
Basically, if you're putting your code on someone else's machine, there's no absolute guarantee of security.
基本上,如果你把你的代码放在别人的机器上,就没有绝对的安全保证。
You can look at all kinds of security tricks, but in the end, the code is on their machine so it's out of your control.
您可以查看各种安全技巧,但最终代码在他们的机器上,因此您无法控制。
How much do you stand to lose if the end user loads an unauthorised plugin?
如果最终用户加载了未经授权的插件,您会损失多少?
回答by DAC
How much do you stand to lose if the end user loads an unauthorised plugin?
如果最终用户加载了未经授权的插件,您会损失多少?
Admittedly this won't happen often, but when/if it does happen we lose a lot and I although I understand we will produce nothing 100% secure, I want to make it enough of a hindrance to put people off doing it.
诚然,这种情况不会经常发生,但是当/如果它确实发生时,我们会损失很多,虽然我知道我们不会生产任何 100% 安全的东西,但我想让它成为一个足够的障碍来阻止人们这样做。
The annoying thing about going with a simple dynamic loading with full strong name, is that all it takes is a simple string literal change within the loader app to load any other assembly even though the plugins are signed.
使用具有完整强名称的简单动态加载的烦人之处在于,即使插件已签名,也只需在加载器应用程序中进行简单的字符串文字更改即可加载任何其他程序集。
回答by gil
you can broaden your question : "how can I protect my .net assemblies from reverse engineering ?"
你可以扩大你的问题:“我怎样才能保护我的 .net 程序集免受逆向工程?”
the answer is - you can not. for those who havent seen it yet, just look up "reflector", and run it on some naive exe.
答案是——你不能。对于那些还没有看过它的人,只需查找“reflector”,然后在一些幼稚的 exe 上运行它。
(by the way, this is always the answer for code that is out of your hands, as long as you do not have en/decryption hardware sent with it),
(顺便说一句,只要您没有随附的加密/解密硬件,这始终是您无法掌握的代码的答案),
obfuscating tries to make the reverse engineering to be harder (cost more money) than development, and for some types of algorithems it succeeds.
混淆试图使逆向工程比开发更难(花费更多的钱),并且对于某些类型的算法它成功了。
回答by Chad Grant
Sign the assemblies.
签署程序集。
Strong-name signing, or strong-naming, gives a software component a globally unique identity that cannot be spoofed by someone else. Strong names are used to guarantee that component dependencies and configuration statements map to exactly the right component and component version.
强名称签名或强命名为软件组件提供了一个无法被其他人欺骗的全局唯一标识。强名称用于保证组件依赖项和配置语句映射到正确的组件和组件版本。
http://msdn.microsoft.com/en-us/library/h4fa028b(VS.80).aspx
http://msdn.microsoft.com/en-us/library/h4fa028b(VS.80).aspx
