Stop Migration Outside Folder
OS: WinXP Pro, SP2, All Updates Current
I have written a program that links to an enterprise server. I'm the client. The program uses a dll provided by the enterprise company that allows me to both send and receive data between myself (client) and the enterprise server using the dll supplied functions.
I don't know what's inside the dll other than listing the header function names.
I would like to keep the server from accessing anything on the client other than the directory contents where my program resides.
QUESTION:
Is there a way to set permissions so as to keep someone inside a directory from migrating outside of that directory?
If so, how?
Thanks
David
I have written a program that links to an enterprise server. I'm the client. The program uses a dll provided by the enterprise company that allows me to both send and receive data between myself (client) and the enterprise server using the dll supplied functions.
I don't know what's inside the dll other than listing the header function names.
I would like to keep the server from accessing anything on the client other than the directory contents where my program resides.
QUESTION:
Is there a way to set permissions so as to keep someone inside a directory from migrating outside of that directory?
If so, how?
Thanks
David
0
Comments
But as to what this .dll does or how it's running no guarantees. If it's basically running in admin mode you can't stop it.
I'm not sure, that's why I'm asking.
Creating another user, if I'm the administrator, you would think would limit access outside the user account. I would think not only the program but also the dll would have to reside under the user account rather than Windows/System32.
IMHO, this presents a problem, not only for me but all users. Who's to say what's inside any dll when you load a 3rd party program. Additionally, from my understanding, an enterprise server is able to manipulate things in ways I'm not aware of, even without a dll residing on the client.
For example, based on my reading, remote services can supposedly be turned on/off remotely, even though they are disabled on a client machine, -- without a dll -- and without the client authorizing access.
If you are running in administrative mode on your computer, which typically everyone is. Then anything you run will be running under your credentials, aka administrator so that program has full access to everything.
If you want to protect yourself create a seperate user account and use that for normal use.
If you are a computer attached to a domain then the domain admin can pretty much do whatever they want to that computer, that's the point of being a domain admin and if it's a company computer you are using then that company owns that machine and has the right to do whatever they want on it.
If you are a contractor, using your own computer and just logging into a business place on occasion then you may be using some sort of VPN software with an assigned password. If that's the case they can't go in through the VPN tunnel to control your machine as they don't have domain authorization for that machine.
Wish I had a way to test it???