ClickOnce Code Security

G

Guest

I am in the process of creating a C# ClickOnce application that will be
deployed in the coming months. I was initially thinking of deploying it
through Windows Installation but due to the need of regular updates to the
program on the client end, ClickOnce led itself to be the better candidate.

With the initial Windows Installation I was planning on using obfuscation
built in Visual Studio to make the code unable to be reverse engineered (to a
certain extent). I was wondering how "secure" or "un-reverse engineerable"
ClickOnce deployment applications are. I found a reference through the
ClickOnce information pages that said "the application is put in an
obfuscated folder." I'm not exactly sure what that means and how secure that
is.

Any information on this matter would be greatly appreciated.
Thanks.
 
N

Nicole Calinoiu

The only aspect of the client-side target folder that might properly be
described as "obfuscated" is its name. Your assemblies will not be
automatically obfuscated at any point in the ClickOnce process. If you
would like to apply obfuscation, you will need to do so "manually",
including using mage or mageui to generate your manifests instead of doing
so via the VStudio UI.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Passing parameters to client with clickonce (security questions) 4
ClickOnce deployment 2
ClickOnce deployment on common pcs 3
Dotfuscator and ClickOnce 32
ClickOnce security 3
Problem with a clickonce application 1
ClickOnce fails to load after digital signature expired / renewed 1
Debugging a ClickOnce deployed application 2

Top