Accessing a Shared Variable

One option is to have the service write to registry on a periodic basis.
Then the Windows app could read it from there.

Will this fit for your situation?

"MickyM" <ja******@gmail.com> wrote in message
news:11**********************@o13g2000cwo.googlegr oups.com...
I have a windows service developed in VB.NET that has a shared
variable. I would like to access the value of this variable from a
separate VB.NET windows app which is on the same server.

Is this possible? I would like to stay away from Remoting if possible.
Can anyone give me some ideas of how I might do this?

Thanks,
Micky

No, actually, I need to be able to read it from "memory." I can't
write out the value to the registry or the file system.

Anything else?

Thanks,
Micky

I don't think you can just access memory that is running in another process.

You would have to use remoting to ask for the variable.

But, I think Siva's recommendation is your best bet.

"MickyM" <ja******@gmail.com> wrote in message
news:11**********************@o13g2000cwo.googlegr oups.com...

No, actually, I need to be able to read it from "memory." I can't
write out the value to the registry or the file system.

Anything else?

Thanks,
Micky

The root of the problem is always more complicated. :) Here's the
real reason I need this and I probably need to post this in a different
group, but here goes:

We have 4 web servers that connect to our database servers. User
passwords and other data is stored encrypted in the database. In order
to decrypt the data, an encryption object is currently on each of the
web servers with the encryption key compiled into it. We were looking
for a more secure way of storing the encryption key. To be honest, I
think making the key available in a variable that is accessible is less
secure than having it compiled in the code.

Anyone have experience on this that can suggest how to keep the key
private and secure while having to make it available to code that is
run 24/7 without human intervention?

Does this make sense?

Thanks,
Micky

But wouldn't the windows service also have to have the key compiled into it,
and it would just put this out in a variable?

At some point, somewhere, you are going to have the key compiled into
something? Or in some sort of file or registry setting? It's got to to be
somewhere!

Are you worried about someone gaining access to your web server, and
decompiling your DLL's to see the key?

"MickyM" <ja******@gmail.com> wrote in message
news:11**********************@g43g2000cwa.googlegr oups.com...

The root of the problem is always more complicated. :) Here's the
real reason I need this and I probably need to post this in a different
group, but here goes:

We have 4 web servers that connect to our database servers. User
passwords and other data is stored encrypted in the database. In order
to decrypt the data, an encryption object is currently on each of the
web servers with the encryption key compiled into it. We were looking
for a more secure way of storing the encryption key. To be honest, I
think making the key available in a variable that is accessible is less
secure than having it compiled in the code.

Anyone have experience on this that can suggest how to keep the key
private and secure while having to make it available to code that is
run 24/7 without human intervention?

Does this make sense?

Thanks,
Micky

The windows service isn't going to have it compiled in it. It is going
to get it from a text file shared on another machine...I know....I know
:) (it will get the file when the computer first boots up with a
human there to enter in their username and password to get the file).

The main worry is exactly as you stated. Someone hacking the machine
and then decompiling to get the key. (Which to me sounds a lot harder
than getting around file permissions to get the key from a text
file...I mean the person did hack their way onto the computer right?)

We are trying to become PCI/CISP compliant. We had our first security
audit the other day and the auditor didn't like the idea of the key
being compiled in the code. I agree that it isn't exactly secure, but
I can't think of anything else that is more secure for this situation.
Any ideas would be greatly appreciated.

Thanks,
Micky

Does anyone know of a good newsgroup I could discuss this encryption
issue in?

Thanks,
Micky