Closed lanopk closed 2 years ago
Hi @lanopk ,
What the reason to do that ?
I am worried that someone will modify the dll of Dokan and steal my IO data and abuse it. Since Dokan is open-source, I am worried that there will be a security risk when someone modifies the source and replaces the dll.
To change the library and the driver, the person will need the admin rights which means the environment is compromised. Which means whatever you will try to do to secure your app can be bypassed. You could do a checksum at start of the files but how can you trust it if the env is compromised ?
FYI inspecting and manipulating the IO between apps and filesystem is in Windows design through filter drivers. A compromised environment could have a malicious one.
Let me know if you need further information
Feature request can skip this form. Bug report must complete it.
Check List
must be 100% match or it will be automatically closed without further discussion. Please remove this line.Environment
Check List
Description
I wonder if there is a way to detect these files if someone modified them after I installed the donan2.dll, dokannp2.dll and donan2.sys files. Or is there a way to prevent these file changes? I would appreciate it if you could suggest a way to do this.
Logs
Please attach in separate files: mirror output, library logs and kernel logs. In case of BSOD, please attach minidump or dump analyze output.