问题
I am distributing an authenticode signed self-extracting executable whose content I control.
It contains a mushroom of MSI-based installers that controls a hot swap of a distributed system, so it cannot easily be an MSI itself.
It would be nice to have if the executable just checked its own authenticode and refused to self-extract if not signed. I do realize that this provides no real integrity guarantee, but it would reinforce the message that the content is in no way customizable and perhaps make some formal certifications easier to handle.
One possible strategy might be based on with this still unanswered question. Any other ideas?
回答1:
This is not possible in the general case. If someone has tampered with your binary, perhaps they'll also remove your self-check.
If it was possible to build a completely tamper-proof executable, then it would be impossible for anyone to pirate software.
What you are asking for can most closely be achieved by creating an self-extracting executable and then applying a commercial copy-protection package to it.
To do so, use your favourite search engine to search for "executable copy protection".
来源:https://stackoverflow.com/questions/10541801/self-extracting-self-checking-executable