Reputation: 1481
c# allow only signed assemblies to be loaded
I have .NET 4.8 application. I want to setup application environment in a way that only assemblies (dlls) signed with trusted certificate could be loaded into application.
How can I achieve that? I guess I need to setup (or create new) AppDomain with certain settings, but after some searching I'm not sure how to do it.
Can anyone help?
Upvotes: 1
Views: 444
Answers (1)
Reputation: 9814
When I install this app, I can tamper dll (also signed) loaded during runtime with hex editor.
If the enemy has that kind of access to your memory, there is nothing you can do. Everything you could do, could be undone with a similar attack on your main programm.
Whatever check you would put into the code, you can not trust it because it could be attacked the very same way.
Upvotes: 2
Related Questions
- What does digital signature have to do with strong named assemblies?
- Using unsigned third-party assemblies from signed ones?
- How to load a signed assembly dynamically in c#
- How to configure MEF (Managed Extensibility Framework) to only load signed assemblies
- Strongly signed assemblies
- Signing assemblies - basics
- Restricting the use of an assembly from assemblies that are not signed
- How do completely disable signed assemblies?
- How to load only signed assembly to a new AppDomain?
- Signing .NET assemblies