Security with Someone Elses ActiveX

dw85745 · 12 Jan 2019

I write a lot of code and for the first time I need to put someone elses (Other Microsofts) ActiveX on my system in order to access their server. The ActiveX is written in JAVA and Spy++ is of no use to view what API's are inside this ActiveX. Even it I could determine what API's, who knows what flags and code may exist other than what is exposed to the user.

This ActiveX will be sending data to a database that resides in another directory. However, I can move the database within the other directory to the ActiveX directory, but will need read/write access to the DB
for other purposes from another APP which resides elsewhere.

Anyway to somehow secure this ActiveX so it can only get to:
1) The DB in the same directory if I move it there
2) THe DB in another directory if it remains where it is currently located

Paul Black · 19 Jan 2019

Hi dw85745,

dw85745 said:

I need to put someone elses (Other Microsofts) ActiveX on my system in order to access their server.
The ActiveX is written in JAVA and Spy++ is of no use to view what API's are inside this ActiveX.

Anyway to somehow secure this ActiveX so it can only get to:

1) The DB in the same directory if I move it there
2) THe DB in another directory if it remains where it is currently located

I don't know if these will be of any use to you:-

[1] How to prevent ActiveX security risks.
[2] A Comparison between Java and ActiveX Security.

I hope this helps!

dw85745 · 15 Feb 2019

Paul Black:
For some reason never received notification of your post.
Thanks for responding.
Attached links help a bit, but Sadly not any viable solutions.
=============
FWIW: Reposted question(some duplication) with a bit more info.

Security -- Some basic Questions