[Mono-devel-list] Assembly Security

Marcus mathpup at mylinuxisp.com
Thu Jul 22 02:51:31 EDT 2004


Does Mono currently have the capability to restrict reflection on an assembly? 
If reflection is permitted, it's possible to call internal and even private 
methods from another assembly.


On Thursday 22 July 2004 1:38 am, Jonathan Gilbert wrote:

> One trick you can do that is very generic and doesn't require any special
> runtime support is to make an interface for accessing the protected
> functionality and a publicly-accessible method to retrieve the interface
> that returns an instance of some privately-defined object implementing the
> interface. You can examine the current call stack (look up the StackTrace
> and StackFrame classes) and verify that the call comes from one of the
> allowed callers before you give the caller the object implementing the
> interface. If you don't give them access to the interface, then there's
> nothing they can do; just make sure that the object implementing the
> interface is not actually exported from the assembly.



More information about the Mono-devel-list mailing list