"Chris" <> wrote in message
news:...
> The precompiled code - is it really easy to reverse engineer?
It's as easy as any other compiled .NET assembly, because that's what it is.
There are obfuscation tools available:
http://www.preemptive.com/products/dotfuscator/ and others...
> The http route - how secure is this.
As secure as the http protocol is, because that's what it uses...
> How do you prevent people from capturing the upload, do you need to do it
> over an SSL line or does VS take care of that.
Visual Studio.NET won't automatically secure an upload natively for you...
> Would there be a way of making the deployment process one way. You can
> upload but you can't download.
That's not really a Visual Studio.NET question... Something like that would
need to be done at network level...
> And this is really stupid but how do you secure it so only certain people
> can deploy. I don't see that in the tutorials.
Well, one possibility would be to use Web Deployment Projects:
http://msdn2.microsoft.com/en-us/asp.net/aa336619.aspx They deploy a
solution onto your network, so you could restrict access to the deployment
folder as required. Then, you would FTP the files from the deployment folder
to your website, using an FTP account for which only your network
administrators know the password...
Your organisation maybe needs to take a bit of a step back here, though, and
ask itself just how secure does all this *really* need to be...
There's paranoid, and then there's paranoid...
--
Mark Rae
ASP.NET MVP
http://www.markrae.net
Similar Threads
