|
Posted by Roger Abell [MVP] on March 8, 2008, 9:17 am
If you were Registered and logged in, you could reply and use other advanced thread options
It is not possible to answer your questions with the information
that is available. Moving the dll to some other directory will
almost certainly accomplish nothing. If the dll is registered it
could be used by allowed accounts no matter were it is stored
provided only that the attempting account is allowed.
You said your program uses this to access the remote system.
You did not say that your program is running all of the time.
You did not say that anything else uses the code provided by
this company, whether they provided only the dll, whether the
dll is used by svchost to run a service, whether the code binds
to any ports listening for incoming connections, etc..
If you use a cmd prompt and run tasklist /svc is there any
indication that some part of their code is running as a service?
If you at the cmd prompt run netstat -abv is there any sign that
their code is binding to a port as a listener?
Roger
>I have a program which links to an enterprise server in real-time.
>
> My program uses a DLL provided by the company who owns the server. This
> DLL is currently registered in C:\Windows.
>
> ============================
> My security objective is to keep the server operator from accessing my
> system through their DLL (my machine remote access is disabled) if such
> code is included within the DLL -- or -- possibly turn on my remote access
> remotely (which I understand can be done) even though it is disabled.
>
> If I move the DLL to a specific directory (folder) along with my program,
> how do I configure my system so that:
>
> 1) I can execute my program as system administrator, and
> 2) Keep the server provider within the program directory I created
> without getting into other directories (folders) or drives on my system.
>
> Thanks
> David
>
>
| 
XML site map