Categorizing DCOM Proxies and Stubs
DCOM marshals references to objects by constructing OBJREFs that contain CLSIDs. An OBJREF can name a custom marshaler CLSID, and unmarshaling it causes the receiving process to instantiate that class, so a client can make a server load an arbitrary DLL simply by sending a crafted object reference. To limit this, a server can pass the EOAC_NO_CUSTOM_MARSHAL flag in the dwCapabilities parameter of CoInitializeSecurity (see EOLE_AUTHENTICATION_CAPABILITIES). Setting this flag helps protect server security when using DCOM because it reduces the chances of executing arbitrary DLLs. When this flag is set, the server allows the marshaling only of CLSIDs that are implemented in ole32.dll, comadmin.dll, comsvcs.dll, or es.dll, or that implement the CATID_MARSHALER category ID. Any process that acts as a DCOM server should set it.
CATID_MARSHALER is a component category GUID that can be associated with a CLSID that performs custom marshaling. Interfaces custom-marshaled with such a CLSID are still allowed when EOAC_NO_CUSTOM_MARSHAL is set via CoInitializeSecurity. Note that adding a CLSID to this category widens the server's allow-list, so only marshalers that have been reviewed should be registered under it.
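The following PowerShell is an added example, not code from the original page or from Windows itself. It audits which CLSIDs a server running with EOAC_NO_CUSTOM_MARSHAL would still accept as custom marshalers (those in the category, plus those whose InprocServer32 is one of the four trusted DLLs), and shows how a CLSID is registered under CATID_MARSHALER. It assumes CATID_MARSHALER is {00000003-0000-0000-C000-000000000046}, the value defined in ole2.h (the same GUID as IID_IMarshal); confirm this against your SDK headers. The InprocServer32 file-name check is an approximation of "implemented in" those DLLs, not the exact test COM performs. The function and parameter names are the example's own.

```powershell
# Added example: audit and manage the CATID_MARSHALER allow-list that
# EOAC_NO_CUSTOM_MARSHAL honours. Not part of the original page.
# Assumption: CATID_MARSHALER = {00000003-0000-0000-C000-000000000046}
# (the ole2.h definition, which reuses IID_IMarshal's GUID).
$CATID_MARSHALER = '{00000003-0000-0000-C000-000000000046}'
$ClsidRoot       = 'Registry::HKEY_CLASSES_ROOT\CLSID'
# DLLs the page lists as always allowed when EOAC_NO_CUSTOM_MARSHAL is set.
$TrustedMarshalerDlls = 'ole32.dll', 'comadmin.dll', 'comsvcs.dll', 'es.dll'

function Get-AllowedCustomMarshalers {
    # Every CLSID whose "Implemented Categories" subkey lists CATID_MARSHALER.
    # A hardened server still accepts these, so each one deserves review.
    Get-ChildItem -Path $ClsidRoot -ErrorAction SilentlyContinue |
        Where-Object {
            Test-Path -LiteralPath (Join-Path $_.PSPath "Implemented Categories\$CATID_MARSHALER")
        } |
        ForEach-Object {
            $server = (Get-ItemProperty -LiteralPath (Join-Path $_.PSPath 'InprocServer32') `
                          -ErrorAction SilentlyContinue).'(default)'
            [pscustomobject]@{
                CLSID          = $_.PSChildName
                Name           = (Get-ItemProperty -LiteralPath $_.PSPath -ErrorAction SilentlyContinue).'(default)'
                InprocServer32 = $server
            }
        }
}

function Test-CustomMarshalerAllowed {
    # Approximates the server-side decision for one CLSID: allowed if it is in
    # CATID_MARSHALER, or if its in-process server is one of the trusted DLLs.
    param([Parameter(Mandatory)][string]$Clsid)   # e.g. '{...}'

    $keyPath = Join-Path $ClsidRoot $Clsid
    if (-not (Test-Path -LiteralPath $keyPath)) { return $false }

    if (Test-Path -LiteralPath (Join-Path $keyPath "Implemented Categories\$CATID_MARSHALER")) {
        return $true
    }

    $server = (Get-ItemProperty -LiteralPath (Join-Path $keyPath 'InprocServer32') `
                  -ErrorAction SilentlyContinue).'(default)'
    if (-not $server) { return $false }

    # InprocServer32 may be quoted or use %SystemRoot%; reduce it to a file name.
    $file = [IO.Path]::GetFileName(
        [Environment]::ExpandEnvironmentVariables($server.Trim('"')))
    return ($TrustedMarshalerDlls -contains $file)
}

function Register-CustomMarshalerCategory {
    # Adds a CLSID to CATID_MARSHALER. This widens the allow-list of every
    # server that relies on EOAC_NO_CUSTOM_MARSHAL, so use it only for a
    # marshaler you have reviewed. Requires write access to HKCR (elevation).
    param([Parameter(Mandatory)][string]$Clsid)

    if (-not (Test-Path -LiteralPath (Join-Path $ClsidRoot $Clsid))) {
        throw "CLSID $Clsid is not registered; register the COM server first."
    }
    $categoryKey = Join-Path $ClsidRoot "$Clsid\Implemented Categories\$CATID_MARSHALER"
    New-Item -Path $categoryKey -Force | Out-Null
}

# Usage (audit only; no registry changes):
Get-AllowedCustomMarshalers | Format-Table -AutoSize
```

Run the audit on a server before and after hardening: any CLSID listed by Get-AllowedCustomMarshalers is a custom marshaler the EOAC_NO_CUSTOM_MARSHAL setting will not block, so an unexpected entry there is a finding in its own right. Register-CustomMarshalerCategory is the administrative equivalent of a component registering itself under the category with ICatRegister; either way the effect is to re-open the door the flag closes, for that one CLSID.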