In many places, like in app.config/web.config files I have to specify types using this verbose fully qualified names, like
在许多地方,比如在app.config / web.config文件中,我必须使用这个详细的完全限定名称来指定类型,比如
<add name="myListener" type="System.Diagnostics.TextWriterTraceListener, System, Version=1.0.3300.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
This MSDN site says, that
这个MSDN网站说,那
Partial binding, which specifies only an assembly name, is not permitted when referencing assemblies in the .NET Framework.
在.NET Framework中引用程序集时,不允许使用部分绑定(仅指定程序集名称)。
Ok, good - but why in some places, like when defining my own custom trace listener can't I use partial binding when I'm referencing my own, non-strongly named, locally deployed assemblies? Is there any deeper reason for this?
好的,但是为什么在某些地方,比如在定义我自己的自定义跟踪侦听器时,在引用我自己的,非强名称的,本地部署的程序集时,我不能使用部分绑定?这有更深层次的原因吗?
2 个解决方案
#1
I imagine that part of it has to do with this:
我想它的一部分与此有关:
http://blogs.msdn.com/suzcook/archive/2003/05/30/57159.aspx
LoadWithPartialName was depreciated in v2 which I assume was used in a number of places to handle assembly names in config files.
LoadVithPartialName在v2中被折旧,我假设在许多地方使用它来处理配置文件中的程序集名称。
While it should work (it was only depreciated, not removed), I imagine they made the changes internally to anything that called it, including how config files were processed.
虽然它应该工作(它只是折旧,但没有删除),我想他们在内部对任何调用它的内容进行了更改,包括如何处理配置文件。
#2
It's a security issue. The binder follows a specific set of directories when it looks for an assembly. If I wanted to break your application maliciously, I could place in an assembly which defined your type in an appropriate spot. Your code would load this unsigned, untrusted assembly and start executing my code with whatever privilege your code is running at.
这是一个安全问题。绑定器在查找程序集时遵循一组特定的目录。如果我想要恶意破坏你的应用程序,我可以放入一个在适当的位置定义你的类型的程序集。您的代码将加载此未签名的不受信任的程序集,并以您运行代码的任何权限开始执行我的代码。
Secondly, the version is important, because it allows a deployed application relying on shared assemblies to be safely updated, as .net allows you to specify an updated policy on an assembly in the GAC.
其次,版本很重要,因为它允许依赖共享程序集的已部署应用程序安全更新,因为.net允许您在GAC中指定程序集上的更新策略。
Finally, in .net it is perfectly legal to have two assemblies which define the same type, that may have been written by different authors or companies, so the fully qualified name protects your code from doing the wrong thing.
最后,在.net中,拥有两个定义相同类型的程序集是完全合法的,这些程序集可能由不同的作者或公司编写,因此完全限定的名称可以保护您的代码不会出错。
#1
I imagine that part of it has to do with this:
我想它的一部分与此有关:
http://blogs.msdn.com/suzcook/archive/2003/05/30/57159.aspx
LoadWithPartialName was depreciated in v2 which I assume was used in a number of places to handle assembly names in config files.
LoadVithPartialName在v2中被折旧,我假设在许多地方使用它来处理配置文件中的程序集名称。
While it should work (it was only depreciated, not removed), I imagine they made the changes internally to anything that called it, including how config files were processed.
虽然它应该工作(它只是折旧,但没有删除),我想他们在内部对任何调用它的内容进行了更改,包括如何处理配置文件。
#2
It's a security issue. The binder follows a specific set of directories when it looks for an assembly. If I wanted to break your application maliciously, I could place in an assembly which defined your type in an appropriate spot. Your code would load this unsigned, untrusted assembly and start executing my code with whatever privilege your code is running at.
这是一个安全问题。绑定器在查找程序集时遵循一组特定的目录。如果我想要恶意破坏你的应用程序,我可以放入一个在适当的位置定义你的类型的程序集。您的代码将加载此未签名的不受信任的程序集,并以您运行代码的任何权限开始执行我的代码。
Secondly, the version is important, because it allows a deployed application relying on shared assemblies to be safely updated, as .net allows you to specify an updated policy on an assembly in the GAC.
其次,版本很重要,因为它允许依赖共享程序集的已部署应用程序安全更新,因为.net允许您在GAC中指定程序集上的更新策略。
Finally, in .net it is perfectly legal to have two assemblies which define the same type, that may have been written by different authors or companies, so the fully qualified name protects your code from doing the wrong thing.
最后,在.net中,拥有两个定义相同类型的程序集是完全合法的,这些程序集可能由不同的作者或公司编写,因此完全限定的名称可以保护您的代码不会出错。