0

I have one "helper" dll which is signed and placed into gac on our server, where other applications excecute and make use of this helper Component.

This scenario is duplicated to multiple Environments, for example: dev, qa, production.

I would like to "protect" for instance an production application to execute the helper Component if a "dev"-version of the helper Component by accident was deployed to the production GAC.

I was thinking about having different .snk (public key tokens) for the helper Component in the different branches (dev, qa, prod) so that an application built against the production Component will fail while trying to execute the dev-version of the helper Component, since the strong name of the assemblies isnt the same.

Is this a bad idea? Or is there another (better) way to accomplish this "idea of protection" ?

jonnep
  • 285
  • 3
  • 17
  • 1
    That can be easily achieved by delay signing in dev/qa, and normal signing in production. I see no reason to use different snk files as that only gives you another mess to handle. – Lex Li Oct 09 '15 at 08:45
  • @LexLi Could you please explain abit more detailed how delayed signing could help ? – jonnep Oct 09 '15 at 08:54
  • 1
    Delay signing means the dev/qa assemblies are in fact not signed. Exceptions have to be set in such environments so that CLR can load them as they were signed. Then in your production environment with no exception policy set, those dev/qa assemblies won't work at all to prevent misuse. – Lex Li Oct 09 '15 at 11:00

0 Answers0