[<prev] [next>] [<thread-prev] [thread-next>] [month] [year] [list]
Date: Fri Jul 1 19:18:19 2005
From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks@...edu)
Subject: plz suggest security for DLL functions
On Fri, 01 Jul 2005 15:26:06 +0530, Gaurav Kumar said:
> if it would have been so simpler, i wouldnt have asked it here,
> the application design doesnt allow us to use the conventioal
> loadlibray method. we need to export functions also and at the same
> time protect from misuse.
Give them a DLL that just tosses an RPC call to a secured server that you
manage.
In general, if it's (even potentially) in their address space, they can misuse
it. So the only real solution making sure that your Secret Sauce code is on
some other system where they can't find out it's just Miracle Whip and a shot
of jalepenos....
Another, even better, idea is to give them a click-through EULA that contains
a line of the form "misusing or reverse-engineerng our usage of jalepenos will
result in a $MOBY surcharge and/or other legal action...."
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20050701/97beb3a0/attachment.bin
Hosted by DataForce ISP -
Powered by Openwall GNU/*/Linux