bin-deploying DLLs banned in leiu of GAC on shared IIS 6 servers
Posted
by craigmoliver
on Stack Overflow
See other posts from Stack Overflow
or by craigmoliver
Published on 2010-05-08T20:03:30Z
Indexed on
2010/05/08
20:08 UTC
Read the original article
Hit count: 280
I need to solicit feedback about a recent security policy change at an organization I work with. They have recently banned the bin-deployment of DLLs to shared IIS 6 application servers. These servers host many isolated web application pools. The new rules require all DLLs to be installed in GAC.
The is a problem for me because I bin-deploy several dlls including the ASP.NET MVC Framework, HTML Agility Pack, ELMAH, and my own shared class libraries. I do this because:
- Eliminates web application server dependencies to the Global Assembly Cache.
- Allows me (the developer) to have control of what goes on inside my application.
- Enables the application to deployed as a "package".
- Removes application deployment burden from the server administrators.
Now, here are my questions.
- From a security perspective what are the advantages to using the GAC vs. bin-deployment?
- Is it possible to host multiple versions of the same DLL in the GAC?
- Has anyone run into similar restrictions?
© Stack Overflow or respective owner