Security Issue with Dynamic loading of DLL
Working with dll i got into a situation where loading a dll can cause security threat.
lets say for example when you load a DLL, it gets same access privilege as the calling process.
So if calling process is running with Admin privilege the loaded dll gets the elevated privilege of admin. Which could be a threat to system.
So is there any way of specifying at the time of loading a dll about the priviliges.
OR How can we load a DLL with lower privileges level.
tajendra
Junior Poster in Training
53 posts since Mar 2010
Reputation Points: 34
Solved Threads: 7
Well, the DLL code will have complete access to the address space of the process.
Access to external resources (files etc) can be restricted by loading it into a sandbox.
Get an impersonation token with limited access rights/privileges
http://msdn.microsoft.com/en-us/library/aa378184.aspx
In a thread of your process, impersonate the user with limited access
http://msdn.microsoft.com/en-us/library/aa378612.aspx
Load the library, make all library function calls and unload the library from threads with impersonation turned on.
Caveat: I know nothing (absolutely nothing) about any Windows OS after XP; the above may or may not apply to Vista and the like.
vijayan121
Posting Virtuoso
1,606 posts since Dec 2006
Reputation Points: 1,159
Solved Threads: 287
