Hi Everyone,
What can be done to avoid DLL hijacking for a Powerbuilder application in a Windows environment.
Files may be signed using Microsoft sign tool but this will not protect from hijacking unless you somehow use verify to check the
files but I am not sure how feasible this would be.
Any ideas there are functions like LoadlibraryEx (specify path and file) but how would this work in a PB environment and would it be feasible ?
Thanks,
Ranj.
Also on the security tab of a project, I can use the following which means the application must Authenticode signed
Allow access to protected system UI
Select if the application needs to drive input to higher privilege windows on the desktop, such as an on-screen keyboard. Microsoft provides this setting for user interface Assistive Technology (Section 508) applications.
Note
If you check this box, the application must be Authenticode signed and must reside in a protected location, such as \Program Files\ or \windows\system32\.
I have tried Powerclient is works fine. However I cant use Powerclient yet thats why Im using manifest and Authenticode. My question is about the prorected location , it does not seem to be enforced, can you confirm if it is supposed to do that or it does not do it anymore ?
Thanks,
Ranjiv.
Yes I have tested it. I dont think the Powerbuilder documentation is correct:
"If you check this box, the application must be Authenticode signed and must reside in a protected location, such as \Program Files\ or \windows\system32\."
The above is not enforced I can run the application in a non protected area such as C:\TEMP\testpbmanifest
on the security tab of a project, I can use the following which means the application must Authenticode signed
Allow access to protected system UI
Select if the application needs to drive input to higher privilege windows on the desktop, such as an on-screen keyboard. Microsoft provides this setting for user interface Assistive Technology (Section 508) applications.
Note
If you check this box, the application must be Authenticode signed and must reside in a protected location, such as \Program Files\ or \windows\system32\.