Unique -- Limiting User to Inside Folder

  • Thread starter Thread starter dw85745
  • Start date Start date
D

dw85745

I have a program which links to an enterprise server in real-time.

My program uses a DLL provided by the company who owns the server. This DLL
is currently registered in C:\Windows.

============================
My security objective is to keep the server operator from accessing my
system through their DLL (my machine remote access is disabled) if such code
is included within the DLL -- or -- possibly turn on my remote access
remotely (which I understand can be done) even though it is disabled.

If I move the DLL to a specific directory (folder) along with my program,
how do I configure my system so that:

1) I can execute my program as system administrator, and
2) Keep the server provider within the program directory I created without
getting into other directories (folders) or drives on my system.

Thanks
David
 
It is not possible to answer your questions with the information
that is available. Moving the dll to some other directory will
almost certainly accomplish nothing. If the dll is registered it
could be used by allowed accounts no matter were it is stored
provided only that the attempting account is allowed.
You said your program uses this to access the remote system.
You did not say that your program is running all of the time.
You did not say that anything else uses the code provided by
this company, whether they provided only the dll, whether the
dll is used by svchost to run a service, whether the code binds
to any ports listening for incoming connections, etc..
If you use a cmd prompt and run tasklist /svc is there any
indication that some part of their code is running as a service?
If you at the cmd prompt run netstat -abv is there any sign that
their code is binding to a port as a listener?

Roger

"dw85745" <dw85745_NOT@earthlink.net> wrote in message
news:es1GLULgIHA.5260@TK2MSFTNGP03.phx.gbl...
>I have a program which links to an enterprise server in real-time.
>
> My program uses a DLL provided by the company who owns the server. This
> DLL is currently registered in C:\Windows.
>
> ============================
> My security objective is to keep the server operator from accessing my
> system through their DLL (my machine remote access is disabled) if such
> code is included within the DLL -- or -- possibly turn on my remote access
> remotely (which I understand can be done) even though it is disabled.
>
> If I move the DLL to a specific directory (folder) along with my program,
> how do I configure my system so that:
>
> 1) I can execute my program as system administrator, and
> 2) Keep the server provider within the program directory I created
> without getting into other directories (folders) or drives on my system.
>
> Thanks
> David
>
>
 
Back
Top