how to prevent other .exe to call my .exe

checkingrandom 206

Hi Basically this question is for safety purpose. I have my own application(.exe files) stored in a folder.

I want to prevent the calling of my .exe files by third party applications.

Example: I have three application(.exe files) I want to open all the three application only by myself (i.e the opening right of those exe should be my own .exe alone) no third party application should open it.

is that possible to do so?

Let me give my attempt details, I used signature check of the parent process, it achieved but the drawback is when the parent is terminated the pid is also terminated or reused so at that time we cant able to find the signature.

Note: all the calling process acts as a thread so parent is needed to get the signature.

Viorel 111.8K Reputation points

2022-05-18T07:10:28.113+00:00

Why do you permanently need the parent's signature? Maybe it is enough to check it at startup, when the parent exists.
checkingrandom 206 Reputation points

2022-05-18T07:36:44.567+00:00

I am calling my child process as a thread, after calling the thread suddenly the parent is terminated. so before the child process check for the parent details the parent is terminated and the PID used to get the path and signature is terminated.
Junjie Zhu - MSFT 14,366 Reputation points Microsoft Vendor

2022-05-18T08:34:39.96+00:00

Hi, Hari!
I think it's safer to use digital signature. Have you tried SingTool?
Do you want your EXE to be opened only by double-clicking?
View the parent process, explorer will also access your exe.
Viorel 111.8K Reputation points

2022-05-18T09:19:45.477+00:00

How are you calling the child process as a thread?
checkingrandom 206 Reputation points

2022-05-18T11:42:28.687+00:00

Do you want your EXE to be opened only by double-clicking?

No, With double clicking it wont open because of digital signature check in main function, so the only way to open is to call the process through other exe having valid signature of mine. otherwise it wont open.

In that approach only I'm getting struck....!
checkingrandom 206 Reputation points

2022-05-18T11:57:15.97+00:00

I'm simply calling a function(which has the .exe opening codes) as a thread and detaching it from the calling thread
RLWA32 40,021 Reputation points

2022-05-18T12:53:18.91+00:00

Is the launching process (I e., the parent) simply exiting normally immediately after starting the child process?
checkingrandom 206 Reputation points

2022-05-18T13:02:43.417+00:00

yeah after starting the thread, I detach the thread and the parent process exit immediately
RLWA32 40,021 Reputation points

2022-05-18T13:10:27.073+00:00

Okay, so you want the parent process to stick around until the child has had a chance to do signature verification.

So instead of exiting immediately the parent process can start the child process and then wait on an event object to be to be signaled by the child. When the child is done checking the signature it signals the event object and the parents then exits.
checkingrandom 206 Reputation points

2022-05-19T05:47:58.253+00:00

But say for example, if the parent waits for the first child to be signaled, then the concept of multitasking cannot be done right..! then my whole application will lags in execution time.
RLWA32 40,021 Reputation points

2022-05-19T09:34:25.227+00:00

You have it backwards. The child process signals the parent and continues processing (assuming verification succeeds). It is the parent that does the waiting.

If you want the parent to start 3 child processes then it can start all of them and then wait for each one to signal that they have finished verification before it terminates. You said earlier that a separate thread is used for the parent process so its waiting should not be an issue.

1 answer

Guido Franzke 2,196 Reputation points

2022-05-18T06:11:34.773+00:00

Hello,
you cannot prevent other apps to start your exe files.

Since your exes are called within your self-written apps, you could use the paramter list and provide a special "startup-key" (just a parameter string which no-one knows, e.g. "myexe.exe -l2kfeii2fncx84mxa4"). If this is not present when starting main, then you can exit your exe programmatically.
Here's how to use the parameter list of main:
pass-arguments-into-c-program-from-command-line
For WinMain, MFC apps etc there are special operations to get the values in the parameter list.
Regards, Guido
Please sign in to rate this answer.

1 person found this answer helpful.
checkingrandom 206 Reputation points

2022-05-18T07:02:25.397+00:00

Hi Guido, that was an fantastic idea, but in case if a local social engineer knows the "startup-key" he can leak the key and anyone can able to access it when it becomes as a product right ?

But a digital signature check is common, if the signature belongs to me I allow the exe to open or else not.

That's what I'm searching.

Ok I would like to ask can we able to find the parent of the process even after the parent is terminated, so that we can use the signature check as common.

Guido Franzke 2,196 Reputation points

2022-05-18T09:21:39.85+00:00

I would like to ask can we able to find the parent of the process even after the parent is terminated, so that we can use the signature check as common

When the parent process is terminated, all child processes will terminate too. Accordingly, the parent process is always running when the child process is running.
Here are examples how to get the parent process:
method-for-win32-programs-to-get-the-id-of-the-parent-process.html
Get-Parent-Process-PID

Regards, Guido

RLWA32 40,021 Reputation points

2022-05-18T09:26:51.377+00:00

If the parent process is terminated, all child processes will terminate too. Accordingly, the parent process is always running when the child process is running

That would be the case if a properly configured Job Object was being used. Otherwise, the lifespan of parent and child processes are independent.
Sign in to comment