Reputation: 5277
What is the "Isolated Image" attribute in a PE?
If i view a portable executable's innards, inside the IMAGE_OPTIONAL_HEADER section there is the IMAGE_DLLCHARACTERISTICS_NO_ISOLATION field, which as Microsoft mentions here it means that: "The image is isolation aware, but should not be isolated.". However, I don't understand what is meant, or implied here and can't find more information on this. This option also exists as a Visual Studio option and it is enabled by default (VS 2015 C++) when one creates a Win32 application project. I'd like to know what it does to code generation before i enable it.
If someone knows, please share. Thanks in advance.
Upvotes: 3
Views: 465
Answers (1)
Reputation: 137517
It controls whether the Windows loader looks for a manifest when loading the process:
/ALLOWISOLATIONcauses the operating system to do manifest lookups and loads.
/ALLOWISOLATIONis the default.
/ALLOWISOLATION:NOindicates that executables are loaded as if there were no manifest, and causes EDITBIN Reference to set theIMAGE_DLLCHARACTERISTICS_NO_ISOLATIONbit in the optional header'sDllCharacteristicsfield. When isolation is disabled for an executable, the Windows loader doesn't try to find an application manifest for the newly created process. The new process doesn't have a default activation context, even if there is a manifest in the executable itself or if there is a manifest that has the nameexecutable-name.exe.manifest.
https://msdn.microsoft.com/en-us/library/69xzf91x.aspx
Upvotes: 5
Related Questions
- Portable executable structure explanation
- What is the image base (in windows PE files)
- About ImageBase of .EXE in windows
- What is there before ImageBase address in Virtual Address?
- PE format, what is the use for IAT Directory
- Difference between .exe and .pe files?
- What is in the Reserved1 field of the IMAGE_LOAD_CONFIG_DIRECTORY32 structure?
- PE file section names
- What are the effects of the PE header "subsystem" field?
- About the entry point of PE in Windows