Securing source code when distributing debug .NET .dll files?

578 views Asked by At

I've got a piece of web software which has a private component (a computational .DLL) that is consumed by a jointly developed website (ASP.NET). I develop the private .DLL and wanted to make sure that even when compiled as a debug .dll, it doesn't display/leak any of the private source code when the web-site developers are debugging the site and then step into calls that are inside the private .dll.

  1. Are there any special compile flags/settings or techniques to protect the resulting .dll ? Preferably something I can setup within Visual Studio 2010 without expensive add-ons.

  2. Not knowing the structure of windows binaries/dlls, is it even possible for the source to be embedded as meta data in the resulting binaries (.dll or .pdb) ? If it's not veen possible for the source to be embedded into the debug .dll/pdb then I guess I can drop my paranoia levels ... (FYI, some embedded systems concat the source and symbols at the end of the debug binary image)

Any other tips and points on securing IP inside DLLs is also appreciated.

1

There are 1 answers

2
Pranay Rana On BEST ANSWER

If you dont want to allow to step in your dll code than one soltuion is dont not provide your .pdb file with dll.

other thing is on net there are no of tool available which not allow to diassemble your dll.

EDIT

you can protect your dll and exe files and make the reflector to not understand them, you can use the Dotfuscator Community Edition comes with the VS 2008 professional Edition.

for those who did not have the professional Edition, they can use a free Dotfuscator I found it at downloads.com

http://download.cnet.com/Macrobject-Obfuscator-NET-2008/3000-2247_4-178720.html

original answer at : http://forums.asp.net/t/1442467.aspx/1