Preventing unauthorized code execution

Office Lineman

Is there a way to actually stop unauthorized use of code in a DLL? The article on SecUtil[^] sounds nice, but doesn't work at all, unless I'm missing something painfully obvious. I've got a signed DLL with a single public class exposing a single public method:

public class Thingy
{
private const string PUBLIC_KEY = "0x00..." // a 160-byte hex string

[StrongNameIdentityPermission(SecurityAction.Demand, PublicKey = PUBLIC_KEY)]
public Thingy ()
{
}

[StrongNameIdentityPermission(SecurityAction.Demand, PublicKey = PUBLIC_KEY)]
public int Add (int v1, int v2)
{
return (v1 + v2);
}
}

And I'm calling it in a separate unsigned application:

private void button1_Click (object sender, EventArgs e)
{
Thingy thingy = new Thingy();

int result = thingy.Add(6, 7);

MessageBox.Show("6 + 7 = " + result.ToString());
}

It should be protected, and yet I get my message box "6 + 7 = 13" just fine. Any ideas? -- I've killed again, haven't I?

Office Lineman

Okay, it seems to work in .NET 1.1, but not in .NET 2.0. :wtf: Apparently .NET 2.0 has said, "The hell with security." One can easily run any code in a trusted zone without any regard whatsoever to standing individual assembly security requirements set by StrongNameIdentityPermission. :mad: -- I've killed again, haven't I?