Checking an assembly for a strong name

Question

Is it possible to check if a dynamically loaded assembly has been signed with a specific strong name?

Is it enough / secure to compare the values returned from

Answer 1

There's little point in testing the strong name after the assembly got loaded. An attacker could simply inject a module constructor in the assembly and execute any code desired. The .NET 3.5 SP1 version of the framework followed suit and is no longer verifying the strong name of assemblies that get loaded from trusted locations. Startup times improve by about 40%.

The key point is: once an attacker compromises the machine to a point where he is able to inject an assembly in the probing path of your application, he won't bother doing it the hard way. He'd just replace your EXE file.