Plateforme Level Extreme
Abonnement
Profil corporatif
Produits & Services
Support
Légal
English
How to make external prg look for DBF inside calling exe
Message
De
09/10/2015 06:00:30
Dragan Nedeljkovich (En ligne)
Now officially retired
Zrenjanin, Serbia
 
 
À
07/10/2015 16:57:05
Walter Meester
HoogkarspelPays-Bas
Information générale
Forum:
Visual FoxPro
Catégorie:
Codage, syntaxe et commandes
Titre:
Re: How to make external prg look for DBF inside calling exe
Versions des environnements
Visual FoxPro:
VFP 9 SP2
OS:
Windows 10
Network:
Windows 2008 Server
Database:
MS SQL Server
Application:
Web
Divers
Thread ID:
01625594
Message ID:
01625739
Vues:
62
>So if you're using external PRGs the DoCmd function is not going to open extra doors that were not already open anyways. If someone wants to do something bad they don't need that extra door. Closing down the DoCMD is doing absolutely nothing to security or protection of your code.

And even if all such holes are shut, there's still the possibility that your exe can be run from VFP IDE (via "do the.exe") from inside a .prg where you have an "on key label ctrl+shift+F4 suspend". With 101 keys on the standard keyboard, that would be about 800 lines of "on key label xxx *" just to prevent this kind of trick, executing in the first milliseconds of the start, which I guess nobody has done yet. And then there's the debugger and intellisense in the command window, which make the suspended exe open for surgery.

I had to do this only once, some 15 years ago, but I'd guess this gate is still open.
back to same old
the first online autobiography, unfinished by design
What, me reckless? I'm full of recks!
Balkans, eh? Count them.
Précédent
Suivant
Répondre
Fil
Voir

Click here to load this message in the networking platform