Why does Windows allow DLL Injection (but Linux doesn't)? - linux

There are plenty of articles online that describe how DLL Injection works and what it can be used for. There has been lots of software written (both malicious and non) to use this functionality, but there's a question that I can't find the answer to with my Google-Fu and that is...why does Windows have/allow such a technique but Linux (and its ilk) do not?
LD_PRELOAD doesn't count as it doesn't allow runtime injection. I also know about injectso but that's not official.
What problem is DLL Injection supposed to solve, and since Linux doesn't have this functionality, how does it solve that problem? If possible please provide references to back up your answer, ideally first-party ones. Thank you.

Related

WPP tracing for linux

I'm looking for a way to output traces to a log file in my code, which runs on linux.
I don't want to include the printing information in the binary, in every place I deploy it.
In Windows, I simply used WPP to trace without putting the actual trace strings in my binary.
How can this be achieved in Linux?
I'm not very familiar with Linux tools in this area, so maybe there is a better system. However, since nobody else has made any good suggestions, I'll make a suggestion. (Probably not a very good suggestion, but the best I can think of right now.)
In theory, you could continue to use wpp. Wpp is simply a template system. It scans the configuration and input files to create data structures. Then it runs a template, fills in the data values it got from the scan, producing the tmh files. You could create a new set of templates that would use Linux apis instead of Windows apis, and would record the message strings in a way that works with some other log decoder system.
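The split suggested in the answer above (the deployed code records only a message ID and raw arguments, and the message strings live with a separate decoder), as an added example that is not code from the post or from WPP. The record layout, the `trace_emit`/`trace_decode` names and the message IDs are assumptions made for illustration; records are in host byte order, and both sides sit in one file here although the format table would be built only into the decoding tool.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Deployed side: a record is {u16 id, u16 argc} then argc x u32. No strings. */
enum { MSG_OPEN_FAILED = 1, MSG_BYTES_READ, MSG_COUNT, MAX_ARGS = 2 };  /* hypothetical IDs */
typedef struct { uint8_t data[256]; size_t len; } trace_log;  /* stand-in for a log file */

int trace_emit(trace_log *log, uint16_t id, uint16_t argc, const uint32_t *argv)
{
    uint16_t hdr[2] = { id, argc };
    if (argc > MAX_ARGS || 4 + argc * 4u > sizeof log->data - log->len)
        return -1;                          /* refuse rather than overflow */
    memcpy(log->data + log->len, hdr, 4);
    memcpy(log->data + log->len + 4, argv, argc * 4u);
    log->len += 4 + argc * 4u;
    return 0;
}

/* Decoder side: this table, indexed by ID, ships only with the decoding tool.
 * Formats always come from here, never from the log being decoded. */
static const struct { uint16_t argc; const char *fmt; } trace_formats[MSG_COUNT] = {
    [MSG_OPEN_FAILED] = { 1, "open failed, errno=%u\n" },
    [MSG_BYTES_READ]  = { 2, "read %u bytes from fd %u\n" },
};

/* Renders records into out; returns how many, or -1 on a malformed log. */
int trace_decode(const trace_log *log, char *out, size_t outsz)
{
    size_t pos = 0, used = 0;
    int count = 0;
    for (; pos < log->len; count++) {
        uint16_t hdr[2];
        uint32_t a[MAX_ARGS] = { 0 };
        if (log->len - pos < sizeof hdr) return -1;
        memcpy(hdr, log->data + pos, sizeof hdr);
        if (hdr[0] >= MSG_COUNT || !trace_formats[hdr[0]].fmt ||
            trace_formats[hdr[0]].argc != hdr[1] || log->len - pos - 4 < hdr[1] * 4u)
            return -1;                      /* unknown ID, wrong argc, or truncated */
        memcpy(a, log->data + pos + 4, hdr[1] * 4u);
        pos += 4 + hdr[1] * 4u;
        int n = snprintf(out + used, outsz - used, trace_formats[hdr[0]].fmt,
                         (unsigned)a[0], (unsigned)a[1]);
        if (n < 0 || (size_t)n >= outsz - used) return -1;
        used += (size_t)n;
    }
    return count;
}
```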
I noticed this question only now and would like to add my two cents to the story just for a case. Personally, I truly appreciate Windows WPP Tracing and consider it probably the best engineering solution for practical development troubleshooting among similar tools.
It happened I extended WPP use to Unix-like platforms twice. We wanted to use the strong sides of the WPP concept in general and yet use it in multi-platform pieces of code. This was not a port but rather a wrapper for the specific WPP use we configured on Windows. One time we had a web service to perform the actual WPP pre-processing on Windows; it may sound a bit insane but it worked fine and effectively within the local network. A wrapper script that was executed before each compilation sent a web request, got a processed file and post-processed the generated include file to make it suitable for Unix-like platforms. The second time we implemented a simplified WPP pre-processor of our own (we found yet another use for it: we could generate the tracing statements differently for production and unit testing, for example). This was a harsh solution: you anyway need to use some physical tracing framework behind the wrapper on a non-Windows platform (well, the first time we apparently implemented our own lower level).
I do not think the Linux world has a framework comparable to WPP. Once I even thought it could be a great idea to make an open source porting project for WPP. I am not sure it would be much requested though. I said it is a great engineering solution. But who wants to do dirty engineering work? The open source community prefers abstract object-oriented and generic solutions, streaming and less necessity in corresponding tools (WPP requires special management tools and OS support). Ease of code writing is today's choice.
There could be Microsoft fault (or unwillingness) in the lack of WPP popularity too. They kept it as an internal framework that came out just by a case with Windows DDK because they have to offer some logging/tracing solution for driver developers. Nobody even noticed much that WPP is well suitable for the user-space code too. And WPP pre-processor for C#, for example, has never been exposed to public at all.
Nevertheless, I still think that WPP porting to Unix/Linux work can be a challenging, interesting and maybe even useful attempt. If someone decides to lead it. :)

Creating a Windows Script Host Language

Ok, I know I've asked this in the past (and can no longer find that question), and I know I personally have seen many useful articles, documentation and tutorials on how to do this - yet I can no longer find a single one of them on Google. So, please refrain from marking as a duplicate, unless it really does answer my question.
How can I create my own Windows Scripting Host Language? (I believe they're called "Engines"), and what tools and resources are available to aid in this journey? And is there more than one way to go about it, or are there different approaches that we can take to accomplish this?
Starters for theory:
Windows Script Interfaces Reference
Starters for implementation:
How to add support for hosting VBScript to your MFC application (dated/stale)
Where to steal from:
Sources of ActiveState's Perl/Python script engines
LuaScript
Ruby A B

Is it sensible to build an application with static linking on linux?

I need to build an application running on an embedded vendor supplied version of linux. According to the documentation it has libc version 2.8.90. I have built a simple application in C++ on a desktop and copied the binary across to the hardware along with copies of the libraries it is linked to. In order to remove any potential conflicts of linking against different versions of libraries I considered attempting to link to libraries statically. After some research I found the following question and answers and after reading through it gave the impression that linking statically is not a good thing to do. What I could not find here (or anywhere else so far) was a simple explanation of why this seems to be frowned upon. It would seem to me (pretty much a novice to linux) to be a way of solving my problem of bundling my executable as a single package and running it on my hardware but clearly it seems to be considered a bad idea but can someone please explain why??
Obviously I am aware that it would cause bloating of my binary but I am not worried about that. Additionally, I am aware of the licensing issues, but I am not concerned with that aspect of things particularly. This is not a commercial application so I do not think that it applies to me.
The advantages are, as you expect, a single binary that works without having to install the other dependencies and which you can easily move around.
The disadvantages are the size and the need to recompile the entire application if there's an update (e.g. a security fix) to the linked library and perhaps licensing issues (as you've noted).
Tradeoffs. If it solves your problem, go for it.

Sandboxing a program using WinAPI hooks

I'd like to sandbox native code and use hooking of WinAPI and system functions to block or allow this program to perform some operations like reading/writing files, modifying the Windows registry, or using an Internet connection. Is it a good and secure way to do so? How difficult would it be for that program to bypass such a security layer?
I've checked your questions and they all are related to the task that seems to be invalid from the very beginning, and here's why: you are trying to secure one application and you are ready to reinvent the wheel for this. There exist several approaches (and many ready-made solutions) to solve your problem. So instead of coding you need to look at existing solutions.
The approaches are:
use Windows permissions to restrict access of your application to resources
take VMWare or Parallels or other virtualization platform and run your program there
take sandboxing SDK (such as BoxedApp) and "wrap" your application.
+1 to Hans, however if you are really into it then I can recommend Easyhook. I have personally used it successfully in Win XP, Vista and 7. I don't know how bypassable it is but other alternatives do exist - madSHI hooks, and, if you want to go the official way, try Detours from Microsoft.
Antivirus apps try to solve nearly the same problem, without much success.
1. You'd never know how even most common operations can be used.
2. There're syscalls, so the program doesn't have to use winapi at all.

is there any replacement of Access? [closed]

Closed 8 years ago.
I am a programmer, and my father uses Access to collect the patients information (my father is a doctor),
He wants me to teach him how to use it.
I don't like Access (I'm a linux guy), and I cannot find any replacement of it. Do you guys know of any? (it must be easy enough for my father to use)
Maybe you need to be a bit more pragmatic about this.
I'm not a fan of Access either, but if your father already understands it and he already has the system in place, you need to ask the question, why change? If it ain't broke, don't try to fix it.
You may find that a few simple changes in the existing system gives your father everything he needs, it'll save you a whole lot of time and means you don't need to retrain your father.
What about OpenOffice - Base?
Your father wants you to teach him how to use access but you're a linux guy and don't like access.
Access isn't the problem here
I don't think you and your father are a good fit for this.
Get someone else to teach him how to use Access
Access is not always the monster it is made out to be. A poorly coded database in any application or language is a poorly coded database. Access' dominance of the market at a critical time led to more people coming across a higher ratio of poorly designed databases.
There's a great deal of support out there for Access users and programmers too. I particularly like Access World Forums. As ilivewithian said, if you're not happy telling him about it, get someone else to.
If however you are keen to take on the role of tutor to your dad (and I can see the attraction - a chance to give something back, perhaps), then I would suggest a web-based database interface. Unlike Oli, I have no experience of Django, but I would recommend Dabble or blist. (Blist is particularly good at handling images, Dabble is better at flexible report formats, though neither is as good at reports as Access, IMHO).
I think the natural successor to Access is a simple web-interface database system.
They're simple enough to create in a billion different ways but I would seriously suggest trying Django (because you'll find its admin area does 90% of the real work for you in this case)
FileMaker Inc. is a subsidiary of Apple. It runs on Mac OS X as well as Windows (whereas MS Access only runs on Windows). Many people claim FileMaker is easier to use than MS Access. Sounds like FileMaker might be the perfect solution for you! (although I do agree with ilivewithian)
There's also Sun's counterpart to MS Access in OpenOffice/StarOffice called BASE (someone already mentioned this), which is also cross-platform compatible.
Rather than develop his own record keeping application he would probably be better off purchasing an already developed system from one of the numerous medical record system vendors. He'll get a better application and have people he can call on for support. Plus there are all of the legal issues about medical record storage and access. A vendor will have worked out those problems already.
That having been said, there are many other file-based database systems out there: http://www.google.com/search?q=file+based+database
I haven't used any of them so I can't make a recommendation.
Of course, there's always the various enterprise databases (Oracle, MySQL, SQL Server, etc...) as well. Of those SQL Server is probably the easiest to learn for a newbie. Since there's no 64 bit version of Access I'm starting to see people replace Access with SQL Server Express (free!) for small applications that need to run on 64 bit windows.
I am using Viravis now for more than 6 months in a multi-language organization with several projects and I find it very good. It's not only easy to build (I am a beginner) but they give also very good support!
Gambas is a very good alternative for Access if one used Access as a database frontend and programmed with VBA (Visual Basic for Applications). One can reuse a lot of code written for Access and create forms and reports easily.
So for a VB or VBA programmer, who wants to use the own knowledge under Linux, Gambas is a wonderful solution.
No first-hand experience, but you can try out OpenOffice.org Database. Or, you may teach your Dad to use the MySQL GUI tool.
Getting the database structure is the toughest part for most. Creating a simple form or report is not that tough either. As far as being a user (data entry, reports, etc.), it is probably easier than most applications. You also have all the searching and sorting capabilities; why reinvent the wheel?
Viravis may be an online alternative to the Access database. You had better check it out to see if it fits your needs.
For Windows and simple data, I would use Excel, so I think Open Office should be ok. Unless your father has a hospital, it will probably fit... Or you can do some programming, take embedded database like Firebird and write something on your own, say - in Java?
