开发者

bin-deploying DLLs banned in leiu of GAC on shared IIS 6 servers

开发者 https://www.devze.com 2022-12-29 11:15 出处:网络
I need to solicit feedback about a recent security policy change at an organization I work with.They have recently banned the bin-deployment of DLLs to shared IIS 6 application servers.These servers h

I need to solicit feedback about a recent security policy change at an organization I work with. They have recently banned the bin-deployment of DLLs to shared IIS 6 application servers. These servers host many isolated web application pools. The new rules require all DLLs to be installed in GAC.

The is a problem for me because I bin-deploy several dlls including the ASP.NET MVC Framework, HTML Agility Pack, ELMAH, and my own shared class libraries. I do this because:

  • Eliminates web application server dependencies to the Global Assembly Cache.
  • Allows me (the developer) 开发者_运维问答to have control of what goes on inside my application.
  • Enables the application to deployed as a "package".
  • Removes application deployment burden from the server administrators.

Now, here are my questions.

  • From a security perspective what are the advantages to using the GAC vs. bin-deployment?
  • Is it possible to host multiple versions of the same DLL in the GAC?
  • Has anyone run into similar restrictions?


  1. It allows them to turn the trust policy knob to eleven.
  2. Yes. Be sure to bump your [AssemblyVersion] when you make a breaking change
  3. Yes.

Try not to argue the decision, you can't win. Make sure all your assemblies are strong-named, test with gacutil.exe

0

精彩评论

暂无评论...
验证码 换一张
取 消