Is it possible to limit DLL functionality?

Question

Let's say I want my clients to give the ability to create plug-ins for their application, but I don't want to make them hacks which poke with the memory of my program, is it possible to prevent this?

Or load the DLL in a kind of memory region where it won't have access to the main program memory?

Answer 1

You can let the plugins run in a separate process. Any information that is needed by the plugin is passed as a message to that process. Any result that is needed by the application is received as a message. You can have a separate process per plugin, or you can have all plugins run in the same process.

As an aside, most modern versions of a plugin feature use an embedded runtime environment, such as the JVM. Then, the plugin is running in the same process as the application, but within the confines of a virtual environment, which effectively limits the havoc the plugin can wreck upon your program. In this scenario, there is no DLL, but script code or byte code.

Answer 2

The short answer is "no".

Long answer: A DLL is loaded into memory, and will appear to be part of the executable file itself for all intents and purposes, both from the process's perspective, and the OS's perspective. Sure the DLL is (perhaps) shared between multiple executables, so the OS needs to track how many "users" there are of a particular DLL, but from one process' perspective, it's part of the executable. It's a separate address range, but the rights and permissions for the content of the DLL are exactly the same as any other DLL or the main exectuable itself.

If you have plugins, you need to TRUST the plugins. If that's not what you want, then don't use the DLL model to make plugins (e.g. use a shared memory region and another executable to allow access to the shared memory only).