Reputation: 11439
Is it possible to reflect over a hosting assembly?
For example, IIS hosts ASP assemblies, and SQL Server hosts SqlClr assemblies. If I were to write a hosting server application, would it be possible for hosted assemblies to reflect over the hosting application? Or do app-domains protect against that?
For the record, I'm not trying to reflect over other people's assemblies, I'm more interested in protecting against having other people reflect over mine.
Upvotes: 2
Views: 69
Answers (1)
Reputation: 1391
If the hosted assembly has the Reflection permission (See http://msdn.microsoft.com/en-us/library/system.security.permissions.reflectionpermission.aspx), it can reflect over any types it gets a hold of. So if you are concerned about somebody "snooping" your code, make sure the hosted assemblies run sandboxed without that permission.
Note: Microsoft keeps changing the exact restrictions that apply with every other service pack. It is save to assume that everything that is declared as "public" will allow the code to use it in reflection, regardless of permissions: http://msdn.microsoft.com/en-us/library/system.security.permissions.reflectionpermissionflag.aspx But since the hosted code has to interact with your hosting application through these public APIs, hiding them from reflection wouldn't serve any true benefit in either way.
Upvotes: 1
Related Questions
- Intercepting calls to a method in another assembly
- Can I emit existing implementations in "temporary" assembly
- Is it possible to reflect over the details of csproj assembly references?
- Is there a way to use reflection to examine an assembly in isolation?
- How can reflection be used on satellite assemblies?
- Reflecting assemblies in IIS7
- How to reflect over assemblies that are already loaded?
- Is it possible to reflect a running .NET process?
- Is it possible to disable reflection from a .NET assembly?
- Indirectly accessing an assembly through reflection