Code Security

Discussion in 'ASP .Net Security' started by Asim Qazi, Mar 21, 2006.

  1. Asim Qazi

    Asim Qazi Guest

    Hi All
    i m working on a webbased project which includes some classes which are
    used to encode and decode passwords and authentication keys, i want that no
    body should b able to use my classes, how can i make them hide or secure so
    tha no one else is able to use my classes and methods.





    aSIM.
    Asim Qazi, Mar 21, 2006
    #1
    1. Advertising

  2. They are on the server, right?

    So against whom do you try to secure those classes?

    Web users?
    Admins that have access to the server?
    Other web applications on the same server?

    Needless to say - if someone has admin access to the web server he can do
    with your classes whatever he wants....

    ---------------------------------------
    Dominick Baier - DevelopMentor
    http://www.leastprivilege.com

    > Hi All
    > i m working on a webbased project which includes some classes
    > which are
    > used to encode and decode passwords and authentication keys, i want
    > that no
    > body should b able to use my classes, how can i make them hide or
    > secure so tha no one else is able to use my classes and methods.
    >
    > aSIM.
    >
    Dominick Baier [DevelopMentor], Mar 21, 2006
    #2
    1. Advertising

  3. Asim Qazi

    Asim Qazi Guest

    its a product and we would have to sell it out to different customers,
    even the demo or trial version would also be available for download,

    so i want that nobody should use my classes.

    i had tried it by making a simple windows application and added the refernce
    of my webproject namespace, now all classes and functions are visible to me
    and i can use them anywhere.


    thanks for the reply.
    aSIM.





    "Dominick Baier [DevelopMentor]" <>
    wrote in message news:...
    > They are on the server, right?
    >
    > So against whom do you try to secure those classes?
    >
    > Web users?
    > Admins that have access to the server?
    > Other web applications on the same server?
    >
    > Needless to say - if someone has admin access to the web server he can do
    > with your classes whatever he wants....
    >
    > ---------------------------------------
    > Dominick Baier - DevelopMentor
    > http://www.leastprivilege.com
    >
    > > Hi All
    > > i m working on a webbased project which includes some classes
    > > which are
    > > used to encode and decode passwords and authentication keys, i want
    > > that no
    > > body should b able to use my classes, how can i make them hide or
    > > secure so tha no one else is able to use my classes and methods.
    > >
    > > aSIM.
    > >

    >
    >
    Asim Qazi, Mar 21, 2006
    #3
  4. yes - -

    and there is nothing you can do about that - if you give away your binaries
    - ppl can use them (also in ways not intended by you)

    consolidate all "dangerous" code in a web service - and give only the clients
    away...

    ---------------------------------------
    Dominick Baier - DevelopMentor
    http://www.leastprivilege.com

    > its a product and we would have to sell it out to different customers,
    > even the demo or trial version would also be available for download,
    >
    > so i want that nobody should use my classes.
    >
    > i had tried it by making a simple windows application and added the
    > refernce of my webproject namespace, now all classes and functions are
    > visible to me and i can use them anywhere.
    >
    > thanks for the reply.
    > aSIM.
    > "Dominick Baier [DevelopMentor]"
    > <> wrote in message
    > news:...
    >
    >> They are on the server, right?
    >>
    >> So against whom do you try to secure those classes?
    >>
    >> Web users?
    >> Admins that have access to the server?
    >> Other web applications on the same server?
    >> Needless to say - if someone has admin access to the web server he
    >> can do with your classes whatever he wants....
    >>
    >> ---------------------------------------
    >> Dominick Baier - DevelopMentor
    >> http://www.leastprivilege.com
    >>> Hi All
    >>> i m working on a webbased project which includes some classes
    >>> which are
    >>> used to encode and decode passwords and authentication keys, i want
    >>> that no
    >>> body should b able to use my classes, how can i make them hide or
    >>> secure so tha no one else is able to use my classes and methods.
    >>> aSIM.
    >>>
    Dominick Baier [DevelopMentor], Mar 21, 2006
    #4
  5. Asim Qazi

    jeff Guest

    Build your code into a DLL will protect it from prying eyes. However DLL's
    can eventually be deconstructed. Try to be a little clever by naming the
    assembly some silly name OR go so far as to strong naming your assembly and
    putting in the global assembly cache.
    jeff, Mar 24, 2006
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Aaron
    Replies:
    1
    Views:
    339
    John C. Bollinger
    Aug 4, 2003
  2. Marco
    Replies:
    1
    Views:
    2,398
    Roedy Green
    Jan 28, 2006
  3. Akram Baig
    Replies:
    0
    Views:
    319
    Akram Baig
    Apr 7, 2011
  4. Dinis Cruz

    Asp.Net Security Analyser (new security tool by DDPlus)

    Dinis Cruz, Oct 8, 2003, in forum: ASP .Net Security
    Replies:
    2
    Views:
    127
    Dinis Cruz
    Oct 11, 2003
  5. Michael Randrup
    Replies:
    3
    Views:
    284
    Henning Krause [MVP]
    Mar 27, 2006
Loading...

Share This Page