41. What is an Asssembly Qualified Name? Is it a filename? How is it different?
An assembly qualified name isn't the filename of the assembly; it's the internal name of the assembly combined with the assembly version, culture, and public key, thus making it unique.
e.g. (""System.Xml.XmlDocument, System.Xml, Version=1.0.3300.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"")
42. How is a strongly-named assembly different from one that isn’t strongly-named?
Strong names are used to enable the stricter naming requirements associated with shared assemblies. These strong names are created by a .NET utility – sn.exe
Strong names have three goals:
· Name uniqueness. Shared assemblies must have names that are globally unique.
· Prevent name spoofing. Developers don't want someone else releasing a subsequent version of one of your assemblies and falsely claim it came from you, either by accident or intentionally.
· Provide identity on reference. When resolving a reference to an assembly, strong names are used to guarantee the assembly that is loaded came from the expected publisher.
· Name uniqueness. Shared assemblies must have names that are globally unique.
· Prevent name spoofing. Developers don't want someone else releasing a subsequent version of one of your assemblies and falsely claim it came from you, either by accident or intentionally.
· Provide identity on reference. When resolving a reference to an assembly, strong names are used to guarantee the assembly that is loaded came from the expected publisher.
Strong names are implemented using standard public key cryptography. In general, the process works as follows: The author of an assembly generates a key pair (or uses an existing one), signs the file containing the manifest with the private key, and makes the public key available to callers. When references are made to the assembly, the caller records the public key corresponding to the private key used to generate the strong name.
Weak named assemblies are not suitable to be added in GAC and shared. It is essential for an assembly to be strong named.
Strong naming prevents tampering and enables assemblies to be placed in the GAC alongside other assemblies of the same name.
43. How does the generational garbage collector in the .NET CLR manage object lifetime? What is non-deterministic finalization? The hugely simplistic version is that every time it garbage-collects, it starts by assuming everything to be garbage, then goes through and builds a list of everything reachable. Those become not-garbage, everything else doesn't, and gets thrown away. What makes it generational is that every time an object goes through this process and survives, it is noted as being a member of an older generation (up to 2, right now). When the garbage-collector is trying to free memory, it starts with the lowest generation (0) and only works up to higher ones if it can't free up enough space, on the grounds that shorter-lived objects are more likely to have been freed than longer-lived ones.
Non-deterministic finalization implies that the destructor (if any) of an object will not necessarily be run (nor its memory cleaned up, but that's a relatively minor issue) immediately upon its going out of scope. Instead, it will wait until first the garbage collector gets around to finding it, and then the finalisation queue empties down to it; and if the process ends before this happens, it may not be finalised at all. (Although the operating system will usually clean up any process-external resources left open - note the usually there, especially as the exceptions tend to hurt a lot.)
44. What is the difference between Finalize() and Dispose()? Dispose() is called by the user of an object to indicate that he is finished with it, enabling that object to release any unmanaged resources it holds. Finalize() is called by the run-time to allow an object which has not had Dispose() called on it to do the same. However, Dispose() operates determinalistically, whereas there is no guarantee that Finalize() will be called immediately when an object goes out of scope - or indeed at all, if the program ends before that object is GCed - and as such Dispose() is generally preferred.
45. How is the using() pattern useful? What is IDisposable? How does it support deterministic finalization? The using() pattern is useful because it ensures that Dispose() will always be called when a disposable object (defined as one that implements IDisposable, and thus the Dispose() method) goes out of scope, even if it does so by an exception being thrown, and thus that resources are always released.
46. What does this useful command line do? tasklist /m "mscor*" Lists all the applications and associated tasks/process currently running on the system with a module whose name begins "mscor" loaded into them; which in nearly all cases means "all the .NET processes".
47. What’s wrong with a line like this? DateTime.Parse(myString); Therez nothing wrong with this declaration.Converts the specified string representation of a date and time to its DateTime equivalent.But If the string is not a valid DateTime,It throws an exception.
48. What are PDBs? Where must they be located for debugging to work? A program database (PDB) files holds debugging and project state information that allows incremental linking of debug configuration of your program.There are several different types of symbolic debugging information. The default type for Microsoft compiler is the so-called PDB file. The compiler setting for creating this file is /Zi, or /ZI for C/C++(which creates a PDB file with additional information that enables a feature called ""Edit and Continue"") or a Visual Basic/C#/JScript .NET program with /debug.
A PDB file is a separate file, placed by default in the Debug project subdirectory, that has the same name as the executable file with the extension .pdb. Note that the Visual C++ compiler by default creates an additional PDB file called VC60.pdb for VisulaC++6.0 and VC70.PDB file for VisulaC++7.0. The compiler creates this file during compilation of the source code, when the compiler isn't aware of the final name of the executable. The linker can merge this temporary PDB file into the main one if you tell it to, but it won't do it by default. The PDB file can be useful to display the detailed stack trace with source files and line numbers.
49. What is FullTrust? Do GAC’ed assemblies have FullTrust? Before the .NET Framework existed, Windows had two levels of trust for downloaded code. This old model was a binary trust model. You only had two choices: Full Trust, and No Trust. The code could either do anything you could do, or it wouldn't run at all.
The permission sets in .NET include FullTrust, SkipVerification, Execution, Nothing, LocalIntranet, Internet and Everything. Full Trust Grants unrestricted permissions to system resources. Fully trusted code run by a normal, nonprivileged user cannot do administrative tasks, but can access any resources the user can access, and do anything the user can do. From a security standpoint, you can think of fully trusted code as being similar to native, unmanaged code, like a traditional ActiveX control.
GAC assemblies are granted FullTrust. In v1.0 and 1.1, the fact that assemblies in the GAC seem to always get a FullTrust grant is actually a side effect of the fact that the GAC lives on the local machine. If anyone were to lock down the security policy by changing the grant set of the local machine to something less than FullTrust, and if your assembly did not get extra permission from some other code group, it would no longer have FullTrust even though it lives in the GAC.
The permission sets in .NET include FullTrust, SkipVerification, Execution, Nothing, LocalIntranet, Internet and Everything. Full Trust Grants unrestricted permissions to system resources. Fully trusted code run by a normal, nonprivileged user cannot do administrative tasks, but can access any resources the user can access, and do anything the user can do. From a security standpoint, you can think of fully trusted code as being similar to native, unmanaged code, like a traditional ActiveX control.
GAC assemblies are granted FullTrust. In v1.0 and 1.1, the fact that assemblies in the GAC seem to always get a FullTrust grant is actually a side effect of the fact that the GAC lives on the local machine. If anyone were to lock down the security policy by changing the grant set of the local machine to something less than FullTrust, and if your assembly did not get extra permission from some other code group, it would no longer have FullTrust even though it lives in the GAC.
50. What does this do? gacutil /l | find /i "Corillian" The Global Assembly Cache tool allows you to view and manipulate the contents of the global assembly cache and download cache.The tool comes with various optional params to do that.
""/l"" option Lists the contents of the global assembly cache. If you specify the assemblyName parameter(/l [assemblyName]), the tool lists only the assemblies matching that name.
51. What does this do .. sn -t foo.dll ?
Sn -t option displays the token for the public key stored in infile. The contents of infile must be previously generated using -p.
Sn.exe computes the token using a hash function from the public key. To save space, the common language runtime stores public key tokens in the manifest as part of a reference to another assembly when it records a dependency to an assembly that has a strong name. The -tp option displays the public key in addition to the token.
Sn.exe computes the token using a hash function from the public key. To save space, the common language runtime stores public key tokens in the manifest as part of a reference to another assembly when it records a dependency to an assembly that has a strong name. The -tp option displays the public key in addition to the token.
Posts
0 comments:
Post a Comment