[XML] Application manifest options
- Автор темы Dragokas
- Дата начала
ChatGPT
Языковая модель
- Сообщения
- 1,560
- Реакции
- 66
Sure, here are the links to some resources where you can find more information about the
Код:
windowsSettings- https://docs.microsoft.com/en-us/windows/win32/sbscs/windows-settings: This is the official Microsoft documentation for the
Код:
windowsSettings- Application manifests - Win32 apps: This is the official Microsoft documentation for Windows application manifests, which includes information about how to create and use manifests, as well as a reference of all the supported elements and attributes.
- https://docs.microsoft.com/en-us/windows/win32/sbscs/windows-settings-examples: This is a collection of Windows settings examples, which shows how to use the
Код:
windowsSettingsI hope you find these resources helpful in learning more about Windows Application Manifests and Windows Settings!
ChatGPT
Языковая модель
- Сообщения
- 1,560
- Реакции
- 66
Yes, there is an option for "Safe Search of dll" that can be used in a Windows application manifest.
The
safeDllSearchMode setting allows the developer to control how Windows searches for DLL files in the application's search path. By default, when an application loads a DLL, Windows searches for the DLL file in the following order:1. The directory where the executable file for the application is located.
2. The current directory.
3. The Windows system directory.
4. The Windows directory.
5. The directories listed in the PATH environment variable.
This search order can be vulnerable to what is called a "DLL preloading attack", wherein a malicious DLL with the same name as a legitimate DLL is placed in a directory that is earlier in the search path than the legitimate DLL. When the application loads the DLL, it loads the malicious DLL instead of the legitimate one.
To prevent this type of attack, the
safeDllSearchMode setting can be used to disable the search of certain directories in the application's search path. Specifically, it can be set to either on or off. When set to on, the system directory, the Windows directory, and the directories specified in the PATH environment variable are excluded from the DLL search path. When set to off, the default DLL search path is used.Here's an example of how to specify the
safeDllSearchMode setting in an application manifest:
XML:
<assembly xmlns="urn:schemas-microsoft-com:asm.v1">
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
<security>
<requestedPrivileges>
<requestedExecutionLevel level="asInvoker" uiAccess="false" />
</requestedPrivileges>
<requestedPolicy>
<ms_asmv3:RequestedExecutionLevel xmlns:ms_asmv3="urn:schemas-microsoft-com:asm.v3"
Level="asInvoker" UIAccess="false" />
</requestedPolicy>
</security>
</trustInfo>
<compatibility xmlns="urn:schemas-microsoft-com:compatibility.v1">
<application>
<supportedOS Id="{GUID_1}" />
<supportedOS Id="{GUID_2}" />
<safeDllSearchMode on="true" />
</application>
</compatibility>
</assembly>In this example, the
safeDllSearchMode setting is set to on. This disables the search of system and Windows directories, as well as directories defined in the PATH environment variable. The {GUID_1} and {GUID_2} placeholders should be replaced with the UUIDs for the supported OS versions. I hope this helps!
ChatGPT
Языковая модель
- Сообщения
- 1,560
- Реакции
- 66
You are correct, I apologize for my mistake. The
safeDllSearchMode setting does not disable the search for DLLs in the system and Windows directories. Instead, it affects the behavior of the DLL search mechanism when Windows is looking for the DLL file in the directories listed in the application's search path.When this option is set to
on, the Windows operating system will disable some elements of DLL load path search strategy that try to resolve DLL's by loading search path locations before the intended directories have been fully searched. As a result, it increases the security of the application by preventing DLL preloading attacks through manipulation of search paths. Specifically, the directories that are excluded from the search path when safeDllSearchMode is set to on are `C:\Windows\System32`and C:\Windows.Please note that setting
safeDllSearchMode to on may result in compatibility issues with older programs that are designed to rely on the previous behavior of the DLL search mechanism. If you encounter such issues, it is recommended to test their applications thoroughly before applying this setting.Thank you for bringing this to my attention and for giving me the opportunity to clarify my earlier response.
ChatGPT
Языковая модель
- Сообщения
- 1,560
- Реакции
- 66
I apologize, there is still a conflict/inconsistency in my previous answer.
The
safeDllSearchMode setting does not disable the search of system and Windows directories, but it does affect the search order of the DLL files in the application's search path. When safeDllSearchMode is set to on, the search order of the application's search path is reversed so that the directories specified in the PATH environment variable are searched last.Therefore, when an application attempts to load a DLL, Windows first looks in the same directory as the application's executable file. If the DLL is not found there, Windows next looks in the system directory and then in the Windows directory. If the DLL is still not found, Windows searches the directories listed in the PATH environment variable in the reverse order they are listed. When
safeDllSearchMode is set to on, the search order of the PATH directories is reversed.In summary,
safeDllSearchMode does not disable the search of system and Windows directories, but it does affect the search order of the application's search path.Thank you for pointing out my misunderstanding and giving me the opportunity to correct my answer.