Re: windows services question

From: "Larry Smith" <no_spam@xxxxxxxxxxx>
Date: Mon, 18 Dec 2006 21:10:19 -0500

Well, they would be unable to kill a service process from the Task
Manager, because
services run under the LocalSystem account, so that other users cannot
open a handle
with "terminate" access to it. Task Manager does not seem to do
anything in order to assign itself the token of a system account even
if it runs under the account with Admin rights, so that users would be
unable to terminate a process via it.

You can terminate a service as an administrator or anyone else for that
matter. You simply need the "SeDebugPrivilege" in your token which only
administrators have by default (system account is also an administrator
BTW). The trick is to enable it first since most privileges are disabled by
default even for administrators. This is the reason why administrators can't
terminate a service from the task manager normally. The privilege exists in
their token but they simply have to enable it first (which is very simple to
do in code).

.

Follow-Ups:
- Re: windows services question
  - From: anton bassov
- Re: windows services question
  - From: Ali

References:
- Re: windows services question
  - From: anton bassov

Prev by Date: Re: Saving lots of files....
Next by Date: Re: windows services question
Previous by thread: Re: windows services question
Next by thread: Re: windows services question
Index(es):
- Date
- Thread

Relevant Pages

Re: windows services question
... services run under the LocalSystem account, ... unable to terminate a process via it. ... administrators have by default (system account is also an administrator ... terminate a service from the task manager normally. ...
(microsoft.public.win32.programmer.kernel)
Re: Event ID: 1202
... No mapping between account names and security IDs was ... SeIncreaseBasePriorityPrivilege = Administrators ... "Meinolf Weber" wrote: ... A user account in one or more Group policy objects (GPOs) could not ...
(microsoft.public.win2000.active_directory)
Re: Rid AD of Circular Group Membership
... I'll try to keep this going; because it might be useful to another admin ... The quess is each has an account and uses it, ... part of stations) into the machine local Administrators group. ... Administrators Group has a members: ...
(microsoft.public.windows.group_policy)
Re: Event ID: 1202
... No mapping between account names and security IDs was done. ... User Rights configuration completed with error. ... SeIncreaseBasePriorityPrivilege = Administrators ... unresolvable account exists only in one GPO. ...
(microsoft.public.win2000.active_directory)
Re: Program Problems for non-administrators
... The user cant burn CDs because the media player absolutely wont function in her account but switch it to an administrator and all is well. ... User accounts will say they have an older version of a program but the administrators account says everything is up to speed. ... Quite simply, the installation routine for this application doesn't "know" how to handle individual user profiles, or the application tries to make changes to "off-limits" sections of the registry or protected Windows system folders. ... you can make this software available to other users by _copying_ the Start Menu folder and Desktop folder shortcuts from the user profile from which the software was installed in the corresponding folders in the user profilein which you'd like the software to be accessible. ...
(microsoft.public.windowsxp.general)