Do not expose Handle as IntPtr? #221
Labels
Discussion
Plan the future
Comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
As IntPtr could be saved by the user. It can be used to access already freed code which is a programming error.
We could try to hide Handle again from the public API or we expose only the safe handle itself.
Afaik wrapping the safe handle again to hide the GetDangerousHandle method is only security by obscurity because a user can use reflection to get the value nevertheless.
If I remember correctly the handle is exposed just for us or other library Devs. A user of the Nuget will have no need or API available to use the handle.
With this we would only protect ourself and other library Devs against accidental access if we cache the safehandle somewhere in the code other than the object itself.
As we should never cache the safehandle (or the intptr) we could consider keeping the code as is.
I don't have a fixed opinion on this. Any thoughts or did I got something wrong with my interpretation of the situation?
The text was updated successfully, but these errors were encountered: