Discussions tagged Security

Short of writing a custom interface, can anyone suggest an alternative to the PB standard functions GetFileOpenName() and GetFileSaveName()? We are wanting to let users select a file for open or save, but restrict their ability to change the folder b...
Hi Everyone, What can be done to avoid DLL hijacking for a Powerbuilder application in a Windows environment. Files may be signed using Microsoft sign tool but this will not protect from hijacking unless you somehow use verify to check the  files ...
Hi PB users, With the new Security Bulletin: Apache Log4j2 Remote Code Execution Vulnerability (CVE-2021-44228) we start to answer our customers that they are not affected by our applications because we only use classic Powerbuilder branch and we do...
Hi PowerBuilder community, Currently, all PowerBuilder runtime DLL files have been signed, which is great. Part of the PowerBuilder runtime (for PowerBuilder 2019 R3) is pbdwr.pbd.That file isn't signed as far as I can tell. Perhaps it cannot be si...
Hello fellows, Are there tools to provide code protection, obfuscation and software system licensing for applications genertated in Powerbuilder (powerscript)?. Thanks....
We are currently using Infomaker 2019.  We have some forms that were created with Infomaker.  We are adding some fields to one of these forms.  However, the fields we are adding have some confidential information.  As a result, we want the user to ve...
Are there any samples or guidance for securing a ASP.NET Core 3.1 Web API as templated by SnapDevelop?   For example, I am working from the following fine sample: ASP.NET Core 3.1 - Simple API for Authentication, Registration and User Management | ...
Hi All! How sign a xml file with a certificate x.509? Here we use many many xml files to exchange information between companies and we need sign with certificate x.509 (A1, A3...) these files to guarantee the security... Is there a resource in PB ...
Hi all, One of my apps uses the PFC security app to set up users, groups and access to windows, etc (I know old school right). I only use it to prevent certain users from seeing [admin] options on the menu and being able to click on them to open win...
We've just had a security review and one thing that has been highlighted as important is that the PDFs generated by Powerbuilder PDFLib contain metadata.. which in of itself is okay, but one of the elements is the name of the windows user who created...
Hello All, We have our applications on Powerbuilder 2019. Due to third party requirement, we need to scan our code for vulnerabilities using any 'Source code Analysis tools' and generate report. I didn't find any tool for PB scripts. Can anyone kin...
We have number of applications in Power Builder 10.x and 12.x with SQL server as back end database using ODBC connections. These are built using Power builder Classic. I know PB 10.x/12.x is not supported anymore. I need an advice from experts on wha...
Can someone please provide guidance on how to configure a database connection to use SSL to a Sybase ASE database?  I need to know how to connect from both the Powerbuilder IDE and, separately, from a client/server application. We are currently usin...
Hello, I'm trying to understand security for a PowerServer deployment when used to deploy a traditional Powerbuilder (classic) application. Is there good documentation that I could read, and could be shown to security architects? In particular, I'...
Hi everyone, currently I'm using PowerBuilder 2017 connected to Oracle 19C. During some audit test of my app I received some notifications about my tool. When I have SQL scripts embedded in my code, if I run the tool and test the memory, those scrip...
I have a client running a Powerbuilder 12.5 Classic application on Windows 10 workstations and for some reason they are unable to type or tab into any editmask fields unless they run the application as an administrator.  This client has their UAC max...
Does anyone know of any tools that might be able to analyze a Powerbuilder classic app for potential security vulnerabilities?  Sort of like an HP Fortify for native Powerscript?  I saw an answer to a similar question that it may be possible with cer...
Was wondering if anyone was using some sort of two tier security login for apps.  If so which product did you choose. We are looking at a primary login (user name and password) then some sort of SMS/email/web service to send/noifiy a user of a key...
We have a webservice (Developed in C#) for Authorize.net. From the Powerbuilder we are generating Web Service Proxy Objects. Everything seems to have worked till now since Authorize.net was using TLS 1.0. After the authorize.net Upgraded to TLS 1.2 ,...
Can Lightweight Directory Services be used on Windows 7 (which is not connected to a domain) as the PowerServer LDAP server?  I can connect to the LDAP server from AEM, and I can see the groups defined in Directory Services, but I have not been able ...
  • Page :
  • 1