Ensuring single user only
- From: fltcpt@xxxxxxxxx
- Date: Wed, 3 Sep 2008 00:46:05 -0700 (PDT)
My application prompts for a user name and password,
logs on to a remote database and binds to a local
port. Client processes (I have no control of) connect to that
port to get services.
My problem is, I want to provide service only to the user
who provided the username and password. For example,
on server edition of windows, user A starts my application,
then user B logons to windows on the same PC and connects
to my application... user B (an unauthorized database user
all of a sudden has access to the db) another similar
case is when user B runs things like psexec
(from sysinternals.com) to remotely initiate a process
that connects to my application...
Currently, my application does not authenticate the client
process using passwords because the clients (which I
have no control of) don't provide passwords.
The solution I came up with is that my application will
only provide service when only 1 user is logged on.
My question is, how do I determine that. How do I register
a callback for when user B runs psexec to run something
on the same PC? Also, how does it know users like
System and Local Service don't count??
Thanks.
.
- Follow-Ups:
- Re: Ensuring single user only
- From: Ben Voigt [C++ MVP]
- Re: Ensuring single user only
- From: Stefan Kuhr
- Re: Ensuring single user only
- From: Don Burn
- Re: Ensuring single user only
- Prev by Date: Re: Getting CPU's cache-line size
- Next by Date: Re: Ensuring single user only
- Previous by thread: Getting CPU's cache-line size
- Next by thread: Re: Ensuring single user only
- Index(es):
Relevant Pages
|
