Re: Getting logged in user from a service?

news:e3dxMO5pHHA.4532@xxxxxxxxxxxxxxxxxxxxxxx
CLR and the .NET Framework is all about. If you are coding directly
against the OS services (that is, by directly calling WIN32 Api's) you
have to consider a lot of things at "development" time, things like - is
the API available on the *target* machine? - What are the security
constraints, what privileges are there required to call these API when
running as say "Local Service"? Can the API access a remote server
instance? Most of these things are taken care of by the framework and
it's underlying services, whatever these are, and in this particular
case the underlying service is native WMI in top of Win32.

I don't see how using .NET Framework exempts you from worrying about
security constraints, privileges, etc. It might automatically enable a
held privilege in your token, that's about it.



No, the system.Management classes (and this is what we are talking about
here) and WMI makes it possible to call OS services without YOU having the
need to run with these elevated privileges.

Can you cite an example since this appears to defy standard Windows security
(if I understand you correctly).


.

Relevant Pages

  • Re: Getting logged in user from a service?
    ... against the OS services (that is, by directly calling WIN32 Api's) you ... the API available on the *target* machine? ... underlying services, whatever these are, and in this particular case the ... security constraints, privileges, etc. ...
    (microsoft.public.dotnet.languages.csharp)
  • Re: Getting logged in user from a service?
    ... against the OS services (that is, by directly calling WIN32 Api's) you have to consider a lot of things at "development" time, things like - is the API available on the *target* machine? ... Most of these things are taken care of by the framework and it's underlying services, whatever these are, and in this particular case the underlying service is native WMI in top of Win32. ... I don't see how using .NET Framework exempts you from worrying about security constraints, privileges, etc. ...
    (microsoft.public.dotnet.languages.csharp)
  • Re: APACHE$PRIVILEDGED
    ... The primary security on OpenVMS and on most other multi-processing operating systems is implemented via the memory management system and via what VAX calls the change-mode routines, via the Alpha SRM PALcode change-mode equivalent, or via what the IA-32 and IA-32e architectures refer to as the call gate. ... With OpenVMS constructs including device drivers )and user-written system services (UWSS; also known as privileged shareable images), these constructs operate in inner processor modes. ... One of the more hazardous situations for system security is a mixed environment; where there are resources shared between trusted and untrusted environments. ... Not only will the operation that requires privileges now be permitted, but other and potentially unintended operations can also be permitted. ...
    (comp.os.vms)
  • [UNIX] Bugzilla Multiple Vulnerabilities (SQL Injections, Privileges Escalation, Information Leak)
    ... Get your security news from a reliable source. ... user may retain privileges that should have been removed, ... Reference: ... secure bug, you can access the summary of that bug even if you do not have ...
    (Securiteam)
  • Re: Happy 10 years of continuous virus free computing on OpenVMS alpha 7.1
    ... OpenVMS provides an inherent security advantage over all the other ... advantage of OpenVMS brings it much closer to such a goal than any OS ... attaining higher mode privileges or services for which a process was ... currently used University-level texts on OS Design. ...
    (comp.os.vms)
Loading