Welcome to MSDN Blogs Sign in | Join | Help

Skipping .NET assembly strong name validation

This is something I did not know ... you can disable strong name valildation on an assembly using the Strong Name tool.

An assembly that fails strong name validation will not load unless you disable signature verification for the assembly using the Strong Name command-line tool (sn.exe) that ships with the .NET Framework. To disable verification of an assembly, type the following at the command line:

    SN -Vr SomeAssemblyName

This permits the assembly named SomeAssemblyName to skip strong name validation. After an assembly is registered in this manner, the common language runtime will not attempt to verify the signature.

Note: Disabling verification of an assembly creates a security vulnerability.

To re-enable verification of the assembly, type the following at the command line:

    SN -Vu SomeAssemblyName

Published Thursday, May 24, 2007 12:25 PM by mapo

Comment Notification

If you would like to receive an email when updates are made to this post, please register here

Subscribe to this post's comments using RSS

Comments

# re: Skipping .NET assembly strong name validation

Thursday, February 07, 2008 1:15 AM by Prashant

Can you please explain how does skipping strong names introduces security vulnerability?

# re: Skipping .NET assembly strong name validation

Friday, February 08, 2008 5:28 AM by mapo

Prashant, simply because you might end up loading in your process an assembly that has been altered, an assembly that is not guaranteed to be the expected one.

# re: Skipping .NET assembly strong name validation

Wednesday, October 28, 2009 8:47 AM by snort

That is if you had an eval version of a component, and you hack it.

Leave a Comment

(required) 
required 
(required) 

  
Enter Code Here: Required
 
Page view tracker