|Main Archive Page > Month Archives > full-disclosure-uk archives|
On 5/13/07, Just1n T1mberlake <firstname.lastname@example.org> wrote: >
> Of course no operating system is invincible when you have full access
> to the machine. You could just delete all of the files yourself.
> OSX isn't using all of the tricks like windows does to try and hide
> executables throughout dlls and other such files. Ever heard of dll
> hell? No wonder these machines are broken into so often.
An improperly coded DLL does no more damage to system security than an improperly coded standard EXE file. DLLs do not make it easier to break into a Windows machine.
Do you even know the purpose of using a DLL instead of an EXE? Do you even know what "DLL" means? Have you ever used a DLL? I've coded them, and there's nothing I can do with a DLL that I can't do with an EXE. A DLL isn't designed to hide executables for security reasons. It's designed to allow a library of code to easily be shared between applications (hence the name). They also allow libraries to be used and sold without having to release the source code.
As far as "DLL Hell" is concerned, that's just a type of "dependency hell," which allicts (or has afflicted) several different operating systems, including Mac OS and Linux. It also hasn't been a major problem with Windows since NT 4 and 9x. Even when it was at its worst in Windows 3.1, it was nothing compared to the extension conflicts of System 7. Those used to drive me nuts.