I have a web application that runs on .NET and IIS, and I need to start a native process. However, this process is not fully trusted, so I need to restrict its access to the system, specifically:
Things I can't use:
Does anyone know of a way I can achieve this?
Depending on exactly what the process does, one option is to have IIS signal the process to run rather than run it directly.
For example, you could create a simple Windows Service that receives a signal from IIS (by writing to a queue, setting a flag in the database, or any of the IPC mechanisms available on Windows) and then manages the lifecycle of the native process (starts it eg using Runas, awaits completion, sends the results back to IIS).
If the native process can be converted to a Windows Service, the intermediate "proxy" Windows Service could be avoided.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.