Has anybody an idea where I can find more detailed information on the security implications of wrapping a 32 bit dll in a 32 bit out of process COM server to be able to call the DLL from a 64 bit application?
Has anybody an idea where I can find more detailed information on the security implications of wrapping a 32 bit dll in a 32 bit out of process COM server to be able to call the DLL from a 64 bit application?
I suppose it is less safe, but what would be the exact new attack vectors resulting from it - that make it less safe?
I suppose it is less safe, but what would be the exact new attack vectors resulting from it - that make it less safe?
Roland Kossow I haven't worked a whole lot with out of process COM either but I know that local and remote COM servers use the same protocol: ORPC. It's not the most light weight IPC because it's intended to make communication between COM client and server transparent regardless of whether the server is on the same machine or a remote machine. I'm not entirely sure what security features of DCOM are disabled (if any) when you're running a local server.
ReplyDeleteRoland Kossow In any case I think if you have a malicious process on the target machine secure IPC may be the least of your worries.
ReplyDeleteGiven that your original DLL could be replaced with a dummy DLL who's only task was to record data passed through its method interface before passing it on to the original DLL, I'm not sure the COM approach will have any higher risk.
ReplyDelete