I can use DCOMCNFG to disable remote launch on my DCOM application, but I would like to do this programatically. I looked at CoInitializeSecurity, but that does not seem to do it. Anyone done this?
I am using Delphi BTW.
+1
A:
The permissions for Remote/Local Activation/Launch are stored in the registry under the AppID for the object.
I'm not sure how to edit it programmatically.
Roger Lipscombe
2008-09-17 11:25:24
The registry item is LaunchPermimssion in HKEY_CLASSES_ROOT\AppidBut it is a long binary string that encodes permissions for various users. How to decode that seems to be the problem. Further research indcates that the answer may lie in the Security Descriptor Definition Language (SDDL).
dcraggs
2008-09-17 12:20:52
http://msdn.microsoft.com/en-us/library/aa379567.aspx
dcraggs
2008-09-17 12:21:29
+1
A:
The binary data is simply a security descriptor structure (PSecurityDescriptor). I mean it is a copy of the memory of this structure. And, of course, the security descriptor is self relative. JWSCL can create such a structure easily.
Launch- and AccessPermission list for every user access rights that also contain remote and local access.
ChristianWimmer
2009-12-21 18:59:54
A:
This is very similar to change Access Permissions in Component Services > COM Security with script/api? for which i posted a response.
Ruddy
2010-01-15 18:56:58