Does dynamic linkng reduce the security of the program?

If I use dynamic linking in my program,does it cause security problems for my program(I mean will it be easily crackable?)?But products of some big companies like Adobe use some dynamic linking(at least there are dll files in photosohop folder)
> If I use dynamic linking in my program,does it cause security problems for my program?
> (I mean will it be easily crackable?)

It can have the same kind of vulnerabilities that a call to std::system() or CreateProcess() / fork()-exec() might create.

In a security concious environment,

you may want to make sure that the library is not spoofed (perhaps using a technique similar to the one used by the CLI assembly loader if it is your own library, or verifying a checksum if it is not).

And ideally execute code in a third-party library after dropping privileges to the minimum required level (run library initiated code in a sand box if the environment supports Code Access Security).

If there is an exploit, the impact is more serious than that of running another process via (say) std::system(). There is no operating system provided security or fault isolation - the library can access your memory, it can load more libraries into your process address space, and if it calls std::abort(), your program will abort.
Last edited on
Thanks for your answer.
closed account (N36fSL3A)
Now you can hit the solved button so people know this thread is solved.
Topic archived. No new replies allowed.