Re: ODBC running as a service

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

From: Hajo Kirchhoff <mailinglists.no.spam@xxxxxxxxxxxxxxxxx>
Date: Sat, 20 Aug 2005 07:56:10 +0200

Lidiane Moreira wrote:

Thanks!
I was running as Local System Account. I changed it to the System administrator account, and now it works just fine.

Great to hear its working. But general security wisdom is, you should never run anything under System Adminstrator account unless it is really, really neccessary (which almost never is). The problem is, should your service get hacked (buffer overflow or whatever other vulnerability), a hacker will have system administrator rights. The best way to do this is to create a new local account with very limited access rights to run your service under, so should a hacker gain access via your service, the impact is very limited.

Think about it. Example: System Administrator has access to all files on your machine. Does your service really need to read all your word documents? Creating an account for only the service will automatically remove access rights to almost all files.

While it's certainly a hassle to create an extra account, its good (security) programming practice to do so and less difficult than one might think.

Best regards and glad to be of help

Hajo

--


--------------------------------------------
Lit Window Library - Speed up GUI coding 10x
  http://www.litwindow.com/library?src=ml

wxVisualSetup - integrate wxWidgets into Visual Studio .NET
  http://www.litwindow.com/Products/products.html?src=ml

BugLister - Defect Tracker
  http://www.litwindow.com/buglister?src=ml

Tips & Tricks for wxWidgets & MS Visual Studio
  http://www.litwindow.com/Knowhow/knowhow.html?src=ml
.

References:
- ODBC running as a service
  - From: Lidiane Moreira
- Re: ODBC running as a service
  - From: Hajo Kirchhoff
- Re: ODBC running as a service
  - From: Lidiane Moreira

Prev by Date: Unable to display Edit feature for Stored Procedures in VS2003 C#.
Next by Date: SQL Server ODBC Database Reconnect questions
Previous by thread: Re: ODBC running as a service
Next by thread: Unable to display Edit feature for Stored Procedures in VS2003 C#.
Index(es):
- Date
- Thread

Relevant Pages

Re: Administrator account disabled
... On 9/28/09, rybo posted: ... enter it tells me that the account has been disabled and to see your system administrator. ... You didn't get the login box? ...
(microsoft.public.windows.mediacenter)
Account Expired - newby question
... faulty network card, ... found everything first time. ... I got a message saying "your account has expired, ... "the system administrator has disabled your account". ...
(alt.os.linux.redhat)
Re: Email Address Added to Outgoing Email when sent
... >I sent an email this morning from my work email ... account. ... >An extra email address was added to this email when it ...
(microsoft.public.security.virus)
Re: Naming the computer
... The System Administrator account is different from a user having ... >alternative account should be set up for daily activities? ... Administrator Account - but it is not THE Admin account. ...
(microsoft.public.windowsxp.general)
Re: DOS program works in Admin account but not in a User account
... I have a legacy DOS program that runs fine in my XP Home Admin account which is the one I installed it in but when I run the shortcut or the exe file in my user account it just opens the initial menu screen - if I click on one of the choices the screen flashes off and that's it - finished = the problem is associated with the underlying *.exe file - if I click that it just flashes on and off. ... I assume it has something to do with access rights. ... Open a command line window (Run... ...
(microsoft.public.win2000.cmdprompt.admin)