I just recently found out here that it is possible (at least in c#) to lookup private fields and properties due to reflection.
I was surprized, allthough i knew that somehow constructs like the datacontract serializer need the possibility to access them.
The question now is, if anyone may access every field in my classes, this is kind of insecure. Isn't it? I mean what if someone has a private bool _isLicensed Field. It would be changed easiliy!
Later I found out here that the field accessors they are not meant as a security mechanism.
So how do I make my Application save, means how do I prevent anyone else than me changing essential status values inside my classes?
Aucun commentaire:
Enregistrer un commentaire