Is it secure to store something in a component?

Question

In the .net framework, I want to store some info inside of a component. Assuming that info isnt publicly exposed as a property, is it secure? Can someone see exactly HOW a component/control is configured? (with regards to the properties panel)

Short of decompiling, is there any way this could be insecure? I know it isn't the most secure thing to do anyway, but it is basically my only option.

For example, I create a simple winforms app which has my component in it. The component contains information to ensure that the winforms app is the app that it says it is, almost like a password. Would using this method be insecure? How hard would it be for someone to find out that "password"?

Answer 1

You're a bit vague. If you're looking at licensing your control(s), there's a wealth of info here about that.

But to directly answer your question, I'm not sure. Potentially, someone could inspect the IL that is produced by compiling the form with the control on it. If it's a magic string, I don't see why someone wouldn't be able to find it.

edit> As per your comment, if you make set{} private for the property, it should do what you're looking for.

Answer 2

Decompiling is trivial in .NET. Check out the free tool Reflector.

So no, I would say it is not secure.