From 17539a564e6034e6828b7ff6aa3299ad8a9607e9 Mon Sep 17 00:00:00 2001
From: Marek Roszko <mark.roszko@gmail.com>
Date: Sat, 12 Mar 2022 12:57:15 -0500
Subject: [PATCH] Two very minor win32 calls to lock down dll/exe search paths
 from cwd

---
 libs/kiplatform/msw/app.cpp | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/libs/kiplatform/msw/app.cpp b/libs/kiplatform/msw/app.cpp
index 4e29478f41..897d62fda0 100644
--- a/libs/kiplatform/msw/app.cpp
+++ b/libs/kiplatform/msw/app.cpp
@@ -49,6 +49,13 @@ bool KIPLATFORM::APP::Init()
     // ensure the WER crash report dialog always appears
     WerSetFlags( WER_FAULT_REPORTING_ALWAYS_SHOW_UI );
 
+    // remove CWD from the dll search paths
+    // just the smallest of security tweaks as we do load DLLs on demand
+    SetDllDirectory( wxT( "" ) );
+
+    // Moves the CWD to the end of the search list for spawning processes
+    SetSearchPathMode( BASE_SEARCH_PATH_ENABLE_SAFE_SEARCHMODE | BASE_SEARCH_PATH_PERMANENT );
+
     return true;
 }