From 5ef6e97a9e4738e22eb6b825f2d2ece915819038 Mon Sep 17 00:00:00 2001
From: Marek Roszko <mark.roszko@gmail.com>
Date: Sat, 12 Mar 2022 12:57:15 -0500
Subject: [PATCH] Two very minor win32 calls to lock down dll/exe search paths
 from cwd

---
 libs/kiplatform/msw/app.cpp | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/libs/kiplatform/msw/app.cpp b/libs/kiplatform/msw/app.cpp
index 297dcfeb07..04c0f06061 100644
--- a/libs/kiplatform/msw/app.cpp
+++ b/libs/kiplatform/msw/app.cpp
@@ -54,6 +54,13 @@ bool KIPLATFORM::APP::Init()
     WerSetFlags( WER_FAULT_REPORTING_ALWAYS_SHOW_UI );
 #endif
 
+    // remove CWD from the dll search paths
+    // just the smallest of security tweaks as we do load DLLs on demand
+    SetDllDirectory( wxT( "" ) );
+
+    // Moves the CWD to the end of the search list for spawning processes
+    SetSearchPathMode( BASE_SEARCH_PATH_ENABLE_SAFE_SEARCHMODE | BASE_SEARCH_PATH_PERMANENT );
+
     return true;
 }