Chapter 15: Win32 API Advanced Techniques

Overview

• Developing Applications with the SACL

• Developing Applications with the DACL

• Making Controls and Components More Secure

• Making Files More Secure

• Developing Applications that Rely on Registry Functions

• Using Remote Unmanaged Components

This is the second half of the Win32 API coverage for the book. Chapter 14 discusses some of the basics you need to make Win32 API applications work and demonstrates the most common security procedures. This chapter covers a few of the less used security procedures from a .NET Framework perspective. All of the examples perform tasks that you can’t easily perform using the .NET Framework, and you won’t use these features as often because you can use other techniques in a .NET application. For example, you can use Discretionary Access Control List (DACL) entries to secure a file on your hard drive, but you can just as easily rely on the FileIOPermission class to perform the same task (see Listing 1.2 for details). However, you might need to use the DACL to ensure compatibility with an existing Win32 API application. It’s important to use the security model that best fits with your existing infrastructure to ensure you don’t accidentally create security holes.

Once the chapter shows you how to work with the Security Access Control List (SACL) and DACL, it moves on to common tasks you can perform. One of the more important tasks is learning to secure the registry. You can’t perform this task using the .NET Framework. Securing the registry is important if you want to use techniques to secure your applications, such as the one shown in Listing 6.1. The chapter also discusses such important issues as securing unmanaged components and controls you access from your managed code.