Am 24.02.2011 23:57, schrieb Florian Höch: > On a related note, I was thinking about if it would be better to > change the current exclude blacklist to a whitelist approach (atleast > for Windows), where everything from \Windows is excluded by default, > and only some whitelisted stuff is included (e.g. pythonXX.dll, > pythoncomXX.dll)? +1
IMHO this would ease debugging: a) If a dll is not on the whitelist it will not be included and the .exe will not work at all. b) Finding out there is a dll missing should be easier than finding out there are to many dlls. c) Since application should not install dlls into \windows for quite some ears now, this should not be a problem. -- Schönen Gruß - Regards Hartmut Goebel Dipl.-Informatiker (univ.), CISSP, CSSLP Goebel Consult Spezialist für IT-Sicherheit in komplexen Umgebungen http://www.goebel-consult.de Monatliche Kolumne: http://www.cissp-gefluester.de/ Goebel Consult mit Mitglied bei http://www.7-it.de
smime.p7s
Description: S/MIME Cryptographic Signature
