I've got a piece of web software which has a private component (a computational .DLL) that is consumed by a jointly developed website (ASP.NET). I develop the private .DLL and wanted to make sure that even when compiled as a debug .dll, it doesn't display/leak any of the private source code when the web-site developers are debugging the site and then step into calls that are inside the private .dll.
Are there any special compile flags/settings or techniques to protect the resulting .dll ? Preferably something I can setup within Visual Studio 2010 without expensive add-ons.
Not knowing the structure of windows binaries/dlls, is it even possible for the source to be embedded as meta data in the resulting binaries (.dll or .pdb) ? If it's not veen possible for the source to be embedded into the debug .dll/pdb then I guess I can drop my paranoia levels ... (FYI, some embedded systems concat the source and symbols at the end of the debug binary image)
Any other tips and points on securing IP inside DLLs is also appreciated.
If you dont want to allow to step in your dll code than one soltuion is dont not provide your .pdb file with dll.
other thing is on net there are no of tool available which not allow to diassemble your dll.
EDIT
you can protect your dll and exe files and make the reflector to not understand them, you can use the Dotfuscator Community Edition comes with the VS 2008 professional Edition.
for those who did not have the professional Edition, they can use a free Dotfuscator I found it at downloads.com
http://download.cnet.com/Macrobject-Obfuscator-NET-2008/3000-2247_4-178720.html
original answer at : http://forums.asp.net/t/1442467.aspx/1