How to lock down a distributed DLL?
I have a shared .Net DLL that is used by a few applications and a publicly usable API. I plan to distribute the API DLL, but because of the link have to distribute the shared dll also.
What is the best option to prevent uneccessary classes and data from being used?
Declare everything in the shared dll as internal that is not used in the API?
Create a new DLL that contains all the shared items between the API and the other projects?
Edit: All things have been created in C#. I am also mostly 开发者_运维技巧interested in presenting the user with a nice and friendly API. It is my understanding that whatever I do the user could always use reflector to look at it anyways.
You didn't mention what language you were going to use. If it's a managed assembly then there is a lot more to it than what you are asking.
Simply trying to hide your code behind internal methods or private the code can always be decompiled. So that's one of the first things you'd have to handle. You have to obfuscate that code so that what gets decompiled is not understandable.
You can lock down the dll but that's very difficult to accomplish and depending on how well your implementation then it might not be helpful at all.
I used this product before RedGate bought it and it was AWESOME. It beat the pants off my code which was culled together from random posts on the web. But it might be something you would want to use.
http://www.red-gate.com/products/dotnet-development/smartassembly/
The security mechanism decision is based on the the importance of the resource. Just because usually the more secure a method is the more is the performance panelty.
精彩评论