Link to home
Start Free TrialLog in
Avatar of s_federici
s_federici

asked on

How to prevent DLL registration

How is it possible to prevent DLL registration in Windows (9x/2000/XP/VIsta)?
Are there administrative settings that would prevent DLL registration? Are there applications that would prevent DLL registration?

Thanks
SOLUTION
Avatar of jkr
jkr
Flag of Germany image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of s_federici
s_federici

ASKER

Thanks. I just don't understand well your comment "Restricting access to regsvr32.exe is error prone, since any 'DllRegisterServer()' entry point can be called manually and this does not work on non-NTFS partitions anyway."

Could you expand on this, please? Do you mean that even doing what you suggest someone can overcome the block? If so, I didn't understand how they could.
No, if you restrict the access rights in the registry, this can only be overcome by an administrator. If you however restrict regsvr32.exe (which is usually the tool of choice for DLL registration), this leaves other means to register DLLs, as e.g. described in http://support.microsoft.com/kb/207132 ("INFO: How Regsvr32.exe Registers and Unregisters COM DLLs"). The code in this article can be placed in any program to perform DLL registration.
So you mean that restricting regsvr32.exe won't work as an application will still be able to register a DLL, whereas restricing access in the registry works fine (and only an administrator will be able to register a dll), right?
Yes. Furthermore, restricting the executable only works on NTFS, which leaves out Win9x.
Now I need a clairification about what I will do after I got the "Authorization for HKEY_CLASSES_ROOT dialog. I mean, I have a "test" user (administator) and a new user I created just to test how the block you suggested works. Show I remove the "Users" line in the Users/Groups list?
Sorry, I meant "SHOULD I remove the "Users" line in the Users/Groups list?"
ASKER CERTIFIED SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial