Security risk! Your assemblies are not signed! #27
Comments
|
REG ADD "HKLM\SOFTWARE\Microsoft\StrongName\Verification_," Defeats any assembly signing. Won't work, although I still would like it. |
|
not if you create your own assembly-loaders |
|
Even with the registry keys, you can force strong name validation in app.config with bypassTrustedAppStrongNames: |
|
Also, you cannot compile a strong named assembly referencing an unsigned assembly.
…________________________________
From: Nir Bar <notifications@github.com>
Sent: Sunday, February 5, 2017 10:21:10 AM
To: dnauck/Portable.Licensing
Cc: Tilfried Weissenberger; Author
Subject: Re: [dnauck/Portable.Licensing] Security risk! Your assemblies are not signed! (#27)
Even with the registry keys, you can force strong name validation in app.config with bypassTrustedAppStrongNames:
https://msdn.microsoft.com/en-us/library/cc713694(v=vs.110).aspx
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub<#27 (comment)>, or mute the thread<https://github.com/notifications/unsubscribe-auth/AFSu9noSdo3BNleVh2kkqG8JR_FlFIfdks5rZaKWgaJpZM4Fmqhw>.
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi, please sign your assemblies (NuGet package)! Otherwise they can't be used in signed applications and unsigned applications can be subject to a spoofed vesion of your assembly!
thanks! regards, Tilli
The text was updated successfully, but these errors were encountered: