Understanding the Bin directory in DotNetNuke

There are a bunch of folders that are setup in a new DotNetNuke folder.

An Introduction to the DNN Folder Structure

  1. Admin
  2. App_Code
  3. App_Data
  4. App_GlobalResources
  5. Bin
  6. Controls
  7. DesktopModules
  8. Portals
  9. Providers

to name a few.

The \bin or folder is a special folder in asp.net websites. It is a shared code folder that is set to have special security permissions.

Putting compiled assemblies into the Bin folder can represent a security risk. If you wrote the code yourself and compiled it, then you know what the code does. However, you should treat compiled code in the Bin folder as you would treat any executable code. Be wary of compiled code until you have tested it and are confident that you understand what it does.

Note these security aspects of putting compiled code into the Bin folder:

  • Assemblies in Bin folder are scoped to the current application. Therefore, they cannot access resources or invoke code outside the current Web application.

  • At run time, the access levels of an assembly are established by the trust level specified on the local computer. For more information, see ASP.NET Trust Levels and Policy Files.

  • If you are working in a designer such as Visual Studio, code in the Bin folder runs in a different context than at run time. For example, the code might be running with full trust.

The code in these folders is not publically accessible to download, but can be accesses by the website to run.

If you are writing code that you care a lot about and want to make impossible to copy, you can obfuscate the code. This is what we do for example with all our DotNetNuke Modules, and prevents our code being reverse engineered and used illegally.

Digg This