How to secure DLL code

[Augie]

Hi All.

This might not be the correct place to ask this question... Then again I'm
not sure where else to ask this...

When you build a DLL to use with "OUR" code... How do you prevent others
from using the DLL?

Thanks.

Regards.

Augie

 

[William DePalo [MVP VC++]]

This might not be the correct place to ask this question... Then again I'm
not sure where else to ask this...

When you build a DLL to use with "OUR" code... How do you prevent others
from using the DLL?

On some fine (or terrible, depending on your point of view) day there may be
a "secure" version of Windows which allows only "trusted" applications to
run.

Until then, your are pretty much on your own. In the DLL you can call
GetModuleFilename() or something to find out who is calling you and perhaps
decide to accommodate him or not but nothing you can come up with is going
to be foolproof.

You might want to look into hardware "dongles" like the ones sold by Hasp
and Sentinel which don't out of the box restrict the caller's per se but try
to insure that only licensed end-users run the application.

Regards,
Will

 

[Augie]

Will,

Thanks... We can see there was a lot of effort put on this by MS part...


Is it possible to build *.lib files instead of *.dll instead (.Net code)?

Augie

 

[William DePalo [MVP VC++]]

Thanks... We can see there was a lot of effort put on this by MS part...

The world hasn't seen a lot of secure operating systems. The DoD has spent
about a half a billion dollars on the likes of the old Blacker but they
aren't talking much.

Is it possible to build *.lib files instead of *.dll instead (.Net code)?

Good question for which I don't have an answer. Do you know about
NetModules?

Regards,
Will

 

[Michael Viking]

Don't know if this would help, but one technique we've used is to create a
small segment of shared memory and then have "OUR" app write magic bits to
it. If the DLL doesn't see the correct bits, then it won't provide any
functionality.

-Michael Viking

 

[Augie]

Will,

NetModules?

Augie

part...

The world hasn't seen a lot of secure operating systems. The DoD has spent
about a half a billion dollars on the likes of the old Blacker but they
aren't talking much.
code)?

Good question for which I don't have an answer. Do you know about
NetModules?

Regards,
Will

 

[Augie]

Thanks.

That's a good idea. We plan on using a security key with our software. I
just didn't want to have a check in every function/class. So I'm going to
have to look for a way to validation here and there and then fail if the key
is not present.

Regards,

Augie

 

[William DePalo [MVP VC++]]

NetModules?

Your initial question asked about libraries.

You can look at a Net Module as a very loose equivalent of a library in the
sense that it is not meant to stand on its own but rather become part of a
larger assembly to be linked later.

Take a look at this link, especially the discussion of the NOASSEMBLY
option:

http://msdn.microsoft.com/library/d...y/en-us/vccore/html/vcrefEECOMCompilation.asp

Regards,
Will