Holy cow, I wrote a book!
Say you have a collection of programs which work together.
One of them is the "master" program that runs the show,
and it has a bunch of "assistant" programs that it launches
to accomplish various subtasks.
These assistants are not meant to be run by themselves;
they are meant to be run only by the master program.
How do you design the assistant so that it can only be run
by the master?
There's nothing you can do to force the assistant to be run
only by the master,
since anything you do to detect the case
can be faked out by an attacker.
(Worst case is that they just run your program under the
debugger and patch out the code that looks for the master.)
So the purpose of this test is not so much to create an
as it is to prevent users from randomly wandering into the
directory and double-clicking stuff to see what happens.
The simplest way of doing this is to require a command-line
parameter that the master passes to say,
"Hey, it's me, the master.
It's okay to do that thing you do."
The command line parameter could be anything.
assistant.exe /run say.
If the command line parameter is not present,
then the assistant says,
"Um, please don't run this program directly.
Use the master."
You might decide to get really fancy and make the secret
but remember that there is no added security benefit here.
The user can compromise assistant.exe by simply
attaching a debugger to it,
at which point any defensive mechanism you create can simply
be disabled by a sufficiently-resourceful attacker.
(And there's a class of people who will see that you put a lot
of work into protecting your assistant,
and that will just convince them to work harder to circumvent the
Because something with this much protection must certainly be very
There's also a benefit to keeping the secret handshake simple:
It makes it a lot easier for you to debug the assistant program.
Instead of having to set up the master and then get the master
to do all the things it needs to generate the secret handshake
for the assistant,
you can just run your assistant directly with the magic flag,
and boom, you're off and debugging.
To make it even harder to run your program by accident,
you can give it an extension that is not normally executable,
That way, it cannot be double-clicked,
but you can still pass it to
(with some cajoling)