|
Posted by David on September 7, 2008, 9:55 am
If you were Registered and logged in, you could reply and use other advanced thread options
Thanks for response Roger, but I need more specifics.
A dll may contain many used and unused functions. Hence who knows what may
reside in any DLL. Since a direct internet link is maintained between the
server and myself (client), the server may execute a function(s) within the
DLL unknown to the client -- hopefully not!
My understanding of NTFS is the design is to keep people from getting into
folders not out of them. Hence the orientation is based on user logon into
say my machine and then accessing a folder based on rights given to the user
at logon.
=====================
This is where "I Think" I'm confused.
If a DLL resides in c:\windows\system, that directory normally is a general
folder where most DLLs resides. Since I am the user of the program (also
administrator and normally logon as such), will the following solve any
potential DLL problems?:
1) Creation of a separate user account
2) Create a folder under this account
3) Move my program to the new folder under the new account
4) Move the supplied DLL to the new folder under the new account and
register it there (if possible)
5) Set user logon and folder permissions to read and execute
What if the DLL must reside in c\windows\system?
>> Confused -- Newbie to Permissions!!!!!
>>
>> 1) Sole owner and Admin of XP-Pro Machine.
>>
>> 2) I have a DLL incorporated into a program ("exe") I've written. This
>> "exe" maintains a real-time link to a server. Other than seeing the
>> function headers I don't what resides in the server provided DLL.
>>
>> 3) DLL is currently registered in c:\Windows\System
>>
>> 4) I would like to keep someone from the server side from accessing other
>> folders on my machine.
>>
>> QUESTIONS:
>>
>> How do I go about this?
>>
>> a) Move and Register the DLL in the "exe" folder?
>> b) Set permissions on the "exe" folder or do all higher folders need
>> to have permissions set?
>> c) What are the recommended permissions settings for this?
>> d) Is encryption needed?
>>
>
> David
>
> There are many, mnay unknowns left unanswered by what you have said.
> You wrote the exe, so you control what methods of the dll are called.
> Evidently you do not know what the methods do, at least not fully, so you
> do not have trust about what happens when exection has been transferred
> to the dll, and you have only said that a connection if maintained between
> the XP where your exe is running and some server.
>
> A general answer to your scenario would go at this by controlling the
> account the runs your exe, and hence is the security context in which the
> methods of the dll will execute. If that account has no permissions other
> than what is needed to run your exe, no permissions on extra areas of your
> XP machine, then you know exactly what might be accessed. That however
> is not always easy to do, since the account evidently needs to be able to
> log
> on locally in order to run the exe.
>
> Roger
>
| 
XML site map