Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: plz suggest security for DLL functions

From: Valdis.Kletnieks () vt edu
Date: Fri, 01 Jul 2005 14:18:04 -0400
On Fri, 01 Jul 2005 15:26:06 +0530, Gaurav Kumar said:

if it would have been so simpler, i wouldnt have asked it here, 
the application design doesnt allow us to use the conventioal
loadlibray method. we need to export functions also and at the same
time protect from misuse.


Give them a DLL that just tosses an RPC call to a secured server that you
manage.

In general, if it's (even potentially) in their address space, they can misuse
it. So the only real solution making sure that your Secret Sauce code is on
some other system where they can't find out it's just Miracle Whip and a shot
of jalepenos....

Another, even better, idea is to give them a click-through EULA that contains
a line of the form "misusing or reverse-engineerng our usage of jalepenos will
result in a $MOBY surcharge and/or other legal action...."

Attachment: _bin
Description: 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: