Windows (V3 Engine) Advanced Protection Parameters
The table below describes the advanced protection parameters available for Windows programs in Sentinel LDK Envelope. Default values are provided where relevant.
|
Parameter Name |
Description |
Default |
|---|---|---|
|
LOCKING_TYPE |
Determines the type of Sentinel protection key to which the program can be locked. |
HL or SL-AdminMode |
|
MESSAGE_OUTPUT_MODE |
Enables you to select how run-time user messages are provided. The following options are available: >1 (windows) displays messages in a message box >2 (eventlog) includes events related to running the protected program in the Windows Administration Tools Event Viewer utility >4 (stderr) displays messages to a user running Sentinel LDK Envelope from a command-line |
Only
windows |
| EXCLUDE_SECTION |
To exclude one or more binary sections from Envelope protection, select the relevant checkbox to change the value from False to True. |
|
|
SUSPEND_THREADS |
In a multi-thread application, if the Sentinel protection key periodic background check fails to detect a Sentinel protection key, all threads are suspended. When the key is detected again, all threads are resumed. |
True |
| ADVANCED_DEBUGGER_DETECTION |
When set to True, Envelope adds enhanced debugger detection to protected applications. However, this impacts the application performance during startup. If this impact not acceptable, set the parameter to False. |
False |
|
import_protection_V3 |
Enables Sentinel LDK Envelope to protect the import of an application or DLL. This helps to prevent reconstruction of the protected executable from a memory dump. IMPORTANT:
Only change this parameter if you have encountered specific problems
and Thales Technical Support has advised you to change it. If
this parameter is set to False,
the level of security for the application or DLL is significantly
reduced.
|
True |
| CONFIGURATION_STRING |
If you encounter certain issues while using Envelope to protect your application, Technical Support may be able to help you resolve them by providing special protection attributes. When instructed to do so by Technical Support, you use the CONFIGURATION_STRING parameter to enter these attributes. |
|
| KEEP_DEBUG_INFO |
When set to True, debug information for the application will be retained. If the protected application will execute in a production environment, this parameter should be disabled for best security. However, if the application is collecting crash dump information, this parameter should be enabled so that crash dump data can be collected. Note: This function will retain debug information for both executables and DLLs. |
False |
|
If selected: >Envelope displays a field that you can use to specify XML parameters for a custom login scope. >The protected program will only search for a Sentinel protection key according to the custom login scope that you specify. For information on the syntax for login scope parameters, see the topic "Scope Input XML Tags" in Sentinel Licensing API Reference. You can also paste a login scope that was created using Sentinel LDK ToolBox in this field. |
||