PureBasic 6.04 LTS is out !

[Quin]

Thanks Fred and team!

[fryquez]

I wasn't expecting this would happen when I showed Kukulkan this manifest option.

@User_Russian
Just use a hex editor and change back the manifest template
inside pbcompiler.exe and pbcompilerc.exe (it's in plain ascii text).

[Fred]

I wasn't expecting this would happen when I showed Kukulkan this manifest option.

Is there something I'm missing here, what's the issue ?

[User_Russian]

It won't be optional, you don't want your program to be explicitly vulnerable.

This manifest does not eliminate vulnerabilities.
It is still possible to inject the dll into the process.
This should be optional with the ability to turn it off.

Just use a hex editor and change back the manifest template
inside pbcompiler.exe and pbcompilerc.exe (it's in plain ascii text).

It's a joke?
Protecting against dll injection using a manifest does not at all prevent dll injection into a process, but it creates many problems due to the manifest. The manifest should not be forced into all applications! It should be optional. If you need it, turn it on, if you don't need it, turn it off. Having the manifest enabled forever is a bad solution.

[Fred]

I will just stop arguing with you because you obviously doesn't even try to understand what I said earlier. BTW, the manifest is always included in PB executable, there is just a few lines added in it to makes sure the official microsoft libs are loaded from the System32 path instead of the current application directory.

[fryquez]

It's a joke?

No, I just wanted to show you a solution.

Is there something I'm missing here, what's the issue ?

Well, is there any others programming language that does this?
You just broke 3 supported Windows builds and properly don't even know why.

Microsoft could easily prevent all DLL Hijacking vulnerable, if they want!
But they don't do it.
To put it simply don't force security option on everyone, if you don't comprehend them.

[Fred]

Well, I don't pretend to know everything, so could you tell exactly what it brokes ? That's why there is a beta version.

[Little John]

Microsoft could easily prevent all DLL Hijacking vulnerable, if they want!
But they don't do it.

How does this insight help us here?

[skywalk]

I did not try this manifest change yet.

Can I still use my own SQLite3.dll or other custom dll's installed in my app path?

Code: Select all

CompilerIf #SQLITE_USE_DLL  ;-! USE sqlite3.dll
  #SQLITE_DLL_FNPATH$ = "C:\MyApp\db\sqlite3.dll"
  ;#SQLITE_DLL_FNPATH$ = "C:\Program Files\DB Browser for SQLite\sqlite3.dll"
  ;#SQLITE_DLL_FNPATH$ = "C:\Program Files\DB Browser for SQLite\sqlcipher.dll"
  UseSQLiteDatabase(#SQLITE_DLL_FNPATH$)
CompilerElse
  #SQLITE_DLL_FNPATH$ = #Empty$
  ;BUG;UseSQLiteDatabase(#SQLITE_DLL_FNPATH$)
  UseSQLiteDatabase()
CompilerEndIf

[Fred]

Of course, you shouldn't see any change. If you do please post here.

[skywalk]

Great!
Really confused why there are objections to an automatic approach to reducing possible dll hijack?
Especially if the manifest tweak can be manually edited.

[User_Russian]

Especially if the manifest tweak can be manually edited.

It needs to be edited inside the compiler (pbcompiler or pbcompilerc).
This is not an easy task.

[skywalk]

Yes, I believe you.
But, there are tools available instead of writing your own code.
Resource Hacker wiki
Resource Hacker questions

[BarryG]

It is still possible to inject the dll into the process.

From what I've read, this new manifest thing just stops a malware DLL from being run when your exe initially starts; nothing more. It doesn't protect against DLL injection later while the exe is running.

[idle]

Especially if the manifest tweak can be manually edited.

It needs to be edited inside the compiler (pbcompiler or pbcompilerc).
This is not an easy task.

Don't worry, it's easy to swap the the manifest.
I'm not really looking forward to seeing XP support go in 6.10 as I still have XP boxes to support and even one that runs a public web server which has only gone offline in prolonged power cuts, I just closed the windows and it's F.I.N.E even if its (Feeling Insecure and Needs some Encouragement) but that's besides the point.