Is is necessary to Securing private .Net assemblies?

Question

I am currently working on a .net project which I am dividing into different assemblies.

One assembly (a dll) will contain most of the domain logic, and the other assemblies (.exe) will contain most of the presentation and control logic.

My question is, if I want to prevent someone from getting my DLL, and adding it as a reference on Visual Studio and develop a new interface for the model without my permission, can I do this with just building the assemblies as private? Does building the assemblies as private means that only the assemblies that were built together can be referenced by each other?

What is the easiest way to build an application and have its DLLs and EXEs function as a single logical unit on which a DLL assembly can only be referenced by the referencing assemblies when the project was built.

Regards,

Answer 1

The InternalsVisibleToAttribute can be of help. Just slap it onto the .dll using the .exe assembly full name and make everything in the .dll internal:

[assembly:InternalsVisibleTo("full name of the .exe")]

internal class Whatever { }
internal interface IWhatever { }

If you use strong names that would be even safer, because otherwise I could just create an .exe with the same file name as yours.

There is also an MSDN page about Friend Assemblies.

Answer 2

Are you attempting to protect against casual or deliberate misuse of your assemblies? For casual misuse, declaring a semi-public API via friend assembly use will work. However, any fully trusted code will be able to invoke even low-visibility members in your assemblies via reflection, so restricting visibility offers no protection against deliberate misuse. For such scenarios, it is sometimes worthwhile to obfuscate your semi-public API in order to make it more difficult for unintended callers to consume it.