Interview Questions related to strong named assemblies

Can you copy a weak named assembly into GAC?
No, an assembly has to be strongly named to be copied into the GAC

What is the difference between a strong and weak named assemblies?
The following are the differences between a strong and weak named assemblies
1. Weak named assemblies can be duplicated and tampered with, where as strong named assemblies cannoth be tampered and duplicated.

2. Strong named assemblies can be copied into GAC, where as weak named assemblies cannot be copied.

3. A single copy of strong named assembly present in the GAC can be shared with multiple applications, where as weak named assembly must be copied into the bin directory of each project.

What is the main advantage of strong naming an assembly?
A shared assembly that is strongly named solves the DLL hell problem, that microsoft is notoriously known for. Please follow the articles below, to understand DLL hell and the solution.
What is DLL hell
How is DLL hell problem solved

Can a strong named assembly refer, a weak named assembly and why?
No, a strong named assembly cannot reference, another weak named assembly. If this is possible, the DLL hell problem will reoccur.

Explantion: When you reference a strong named assembly, you expect to get certain benefits, such as versioning and naming protection. If the strong named assembly then references an assembly with a simple name, which does not have these benefits, you lose the benefits you would derive from using a strong named assembly and revert to DLL conflicts. Therefore, strong named assemblies can only reference other strong named assemblies.

What is the downside of strong naming an executable (.EXE) ?
A strongly named assembly cannot reference a weak named assembly. Therefore, strong naming an EXE prevents the EXE from referencing weak named dlls, that are deployed with the application. For this reason, the Visual Studio project system does not strong name application EXEs. Instead, it strong-names the Application manifest, which internally points to the weak named application EXE. In addition, you may want to avoid strong-naming components that are private to your application. In this case, strong-naming can make it more difficult to manage dependencies and add unnecessary overhead for private components.

If you can improve any of these answer further, please feel free to do so by submitting the form below. Thank you very much for your contribution.

2 comments:

  1. There is no real benefit to strong naming an exe. The benefit to strong naming a dll, is that someone cannot replace it with their own version of a malicious one (and you can put it in the GAC). Unless you are referencing your exe in another project as if it were a dll (which would be strange), you don't need to strong name it.

    ReplyDelete
  2. the main reason to strong name an assembly is to protect the assembly from malicious attacks. when Strong naming the contents of the assembly get encrypted using the generated private key and the same id decrypted while loading using the public key token embedded with in the assembly, this ensures that the integrity of the assembly is maintained, if any hacker tries to modify the contents of the assembly, it will fail to load in the application, as it cannot be decrypted back using the public key token. a strong name assembly can only be modified using the private key token that was used to sign the assembly, and hence it is critical to keep the private key secret.

    ReplyDelete

If you are aware of any other asp.net questions asked in an interview, please post them below. If you find anything missing or wrong, please feel free to correct by submitting the form below.

 
Disclaimer - Terms of use - Contact Us