防止其他人使用我的dll

防止其他人使用我的dll

本文介绍了防止其他人使用我的dll的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我是.net的新手,我想知道如何防止他人使用/引用我的编译库.我做了一些研究,但没有找到明确的答案.是authenticode还是强名或其他名称?它的可靠性如何?

I'm new to .net and would like to know how I can prevent others from using/referencing my compiled libraries. I did some research but didn't find a clear answer. Is it authenticode or strong names or something else? and how reliable is it?

这些库是商业桌面软件的一部分

the libraries are part of a commercial desktop software

推荐答案

我想知道如何防止他人使用牙刷.我找到了解决方案.我不让他们使用我的牙刷.

I would like to know how I can prevent someone from using my toothbrush. I have found a solution. I don't give them access to my toothbrush.

如果您不希望别人使用您的软件,请不要将其交给您.

If you don't want people to use your software then do not give them your software.

如果您希望某人能够在不知道实现细节的情况下使用代码的功能,则可以编写Web服务,将该软件放在Web服务器后面,然后人们可以通过以下方式使用您的软件您提供的服务.他们只看到Web服务器,看不到您的实现详细信息.

If you want someone to be able to use the functionality of your code without knowing the implementation details then write a web service, put the software behind a web server, and people can use your software via the service you've provided. They only see the web server, not your implementation details.

不.您的情况是希望保护您自己(软件提供商)免受您的用户的侵害.那恰恰是倒退..NET安全系统旨在保护您的用户不良软件提供商.

No. Your scenario is that you wish to protect yourself, a software provider, from your users. That is exactly backwards. The .NET security system was designed to protect your users from bad software providers.

authenticode和强名都是系统,通过这些系统,软件的用户可以获取证据,证明该软件确实是由他们认为由其提供的人提供的,而不是由冒充您的邪恶黑客提供的.

Both authenticode and strong names are systems whereby a user of software can obtain evidence that the software really was provided by the person they believe it to be provided by, rather than by evil hackers pretending to be you.

例如,假设我变得邪恶,并向您发送System.DLL的新版本,我说这是Microsoft的软件升级,但实际上监视您键入密码并将其通过电子邮件发送给我.我可以向您发送一个名为"System.DLL"的DLL,但是我不能向您发送具有Microsoft强名称的DLL,因为我不能使成为Microsoft强名称姓名.只有Microsoft可以这样做,因为Microsoft签名密钥被埋在11号楼的深处,并被鲨鱼用激光束或类似物品保护着.强名保护 you 免受 me ;他们不保护 Microsoft .

For example, suppose I become evil and send you a new version of System.DLL that I say is a software upgrade from Microsoft, but actually watches you type in passwords and emails them to me. I can send you a DLL called "System.DLL", but I can't send you one that has the Microsoft strong name because I can't make a Microsoft strong name. Only Microsoft can do that, because the Microsoft signing key is buried deep within Building 11 and guarded by sharks with laser beams or something. Strong names protect you from me; they don't protect Microsoft.

类似地,强名保护您的客户免受冒充您的攻击者.他们不会保护免受您的客户的侵害.你不是受到攻击的人;他们是!

Similarly, strong names protect your customers from attackers pretending to be you. They don't protect you from your customers. You are not the one who is under attack; they are!

商业桌面软件模型假定,软件提供商会信任客户按照其许可使用软件.如果您不信任客户,则需要一个完全不同的模型,例如将软件保留在Web服务器上,并且仅允许通过Web界面进行访问.

The commercial desktop software model presupposes that customers are trusted by software providers to use the software in accordance with their license. If you don't trust your customers then you need an entirely different model, like keeping the software on your web server and only allowing access via a web interface.

这篇关于防止其他人使用我的dll的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

09-04 19:55