Securing Windows Service Applications
Question
Is there any way to restrict users with administrative privileges from managing specific Windows service based applications? I would like to restrict administrators from stopping or re-starting my service very similar to the Windows event log service. What are some of the more popular approaches or recommended approaches to securing services followed by product vendors (like antivirus applications, firewalls etc where the service has to be running continuously)?
2 answers
solution1
1 2008-11-15 22:20:00
To remove the stop option from the service management mmc. With .net service you:
ServicesToRun = new ServiceBase[] { new Service1() };
ServicesToRun[0].CanStop = false;
With win32 see the SERVICE_STATUS structure and SetServiceStatus function documentation. Did not test this option.
That said, I don't think ( and hope I am right ) that there is possibility, in user space, to prevent the administrator from stopping a service. The admin can still stop the service by killing the process from taskmanager or taskkill.
solution2
-1 ACCPTED 2008-11-15 19:45:21
这是使用访问控制的一种方法-http: //support.microsoft.com/?kbid=288129
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.