C# – Why bother with strong names for private assemblies

assembliesc++strongname

We produce a number of applications that share assemblies. Since memory or disk space is not a problem, we use private assemblies by duplicating the shared assemblies into each app's local folder. This avoids the issues caused by putting them into the GAC. I hear that strong names are a real good thing that is required if we share assemblies in the GAC.

Is there a good reason to use strong names for private assemblies?

BTW: Here is an excellent reference on assemblies: link text

Best Solution

I should note that if you are moving files around directly, you are eliminating any benefits that the GAC provides you (most notably versioning).

For private assemblies which are not shared, strong-naming isn't vitally important. At most, it could prevent a malicious (non-admin) user from replacing your assembly with an unauthorized version. But then again, an administrator could disable strong name validation and allow this kind of "attack" relatively easily.