C#, MEF - Sign trusted plugins for abuse reduction

Posted by Marks on Stack Overflow See other posts from Stack Overflow or by Marks
Published on 2010-05-10T09:10:02Z Indexed on 2010/05/10 9:14 UTC
Read the original article Hit count: 233

Filed under:

c#

|

MEF

|

plugin

|

signing

Hi there. I have a program that is extendable by plugins using the Microsoft Extensibility Framework. But i dont want untrusted sources to give out plugins that may be insecure. So i want to sign the plugins (maybe with Visual Studio's built in signing) and check if the plugins are trustworthy at program start.

I didn't find a way to check DLL signing from inside C#. And also there is the problem, that I load the plugins with a DirectoryCatalog. There is no way to tell, which plugin is from which file. Anyone knows a way to do this?

Thanks for any help, Marks

© Stack Overflow or respective owner

Related posts about c#

.NET WebRequest.PreAuthenticate not quite what it sounds like

as seen on West-Wind - Search for 'West-Wind'
I’ve run into the problem a few times now: How to pre-authenticate .NET WebRequest calls doing an HTTP call to the server – essentially send authentication credentials on the very first request instead of waiting for a server challenge first? At first glance this sound like it should be easy:… >>> More
HttpWebRequest and Ignoring SSL Certificate Errors

as seen on West-Wind - Search for 'West-Wind'
Man I can't believe this. I'm still mucking around with OFX servers and it drives me absolutely crazy how some these servers are just so unbelievably misconfigured. I've recently hit three different 3 major brokerages which fail HTTP validation with bad or corrupt certificates at least according to… >>> More
The dynamic Type in C# Simplifies COM Member Access from Visual FoxPro

as seen on West-Wind - Search for 'West-Wind'
I’ve written quite a bit about Visual FoxPro interoperating with .NET in the past both for ASP.NET interacting with Visual FoxPro COM objects as well as Visual FoxPro calling into .NET code via COM Interop. COM Interop with Visual FoxPro has a number of problems but one of them at least got a lot… >>> More
Dynamic Type to do away with Reflection

as seen on West-Wind - Search for 'West-Wind'
The dynamic type in C# 4.0 is a welcome addition to the language. One thing I’ve been doing a lot with it is to remove explicit Reflection code that’s often necessary when you ‘dynamically’ need to walk and object hierarchy. In the past I’ve had a number of ReflectionUtils that used string based expressions… >>> More
Finding a Relative Path in .NET

as seen on West-Wind - Search for 'West-Wind'
Here’s a nice and simple path utility that I’ve needed in a number of applications: I need to find a relative path based on a base path. So if I’m working in a folder called c:\temp\templates\ and I want to find a relative path for c:\temp\templates\subdir\test.txt I want to receive back subdir\test… >>> More

Related posts about MEF

Can plugins loaded with MEF resolve their own internal dependencies with the same MEF container for

as seen on Stack Overflow - Search for 'Stack Overflow'
From my experimentation, I think the answer is "kind of", but I could have made a mistake. I have an application that loads appliance plugins with MEF. That part is working fine. Now let's say that my BlenderAppliance wants to resolve several of its dependencies with MEF, which each implement IApplianceFeature… >>> More
Question about mixing MEF and Unity

as seen on Stack Overflow - Search for 'Stack Overflow'
I'm finally diving into Unity head first, and have run into my first real problem. I've been gradually changing some things in my app from being MEF-resolved to Unity-resolved. Everything went fine on the application side, but then I realized that my plugins were not being loaded. I started to… >>> More
Is it possible to mix MEF and Unity within a MEF-based plugin?

as seen on Stack Overflow - Search for 'Stack Overflow'
I'm finally diving into Unity head first, and have run into my first real problem. I've been gradually changing some things in my app from being MEF-resolved to Unity-resolved. Everything went fine on the application side, but then I realized that my plugins were not being loaded. I started to… >>> More
MEF CompositionInitializer for WPF

as seen on Reed Copsey - Search for 'Reed Copsey'
The Managed Extensibility Framework is an amazingly useful addition to the .NET Framework. I was very excited to see System.ComponentModel.Composition added to the core framework. Personally, I feel that MEF is one tool I’ve always been missing in my .NET development. Unfortunately, one perfect… >>> More
Creating extendible applications with MEF

as seen on ASP.net Weblogs - Search for 'ASP.net Weblogs'
Ever wanted to create an application that is easy to maintain and even more easy to extend? Then the following piece by Michael Hensen about Microsoft Extension Framework (MEF) could be a solution for your needs! With MEF, which is part of VS2010 own extensions platform, you can write parts of an… >>> More