Running under Service Control Manager...

Hi everyone!

I’ve already posted my question to other developer forums but I still haven’t got a reasonable answer. I wonder if there is an internals specialist able to help me.

The question is:
Is there any way to determine whether an application was started from service control manager to start a service control dispatcher or not. I don’t want to call ‘StartServiceControlDispatcher’ if the application was started by the user from one of the application managers, nor from the system.

Notes:

  1. I don’t want to check the command-line arguments, as I was advised on another developer list, because I’m already doing this. I’m using it to run service in debug mode as normal win32 application. I would like to perform the SCM check without testing the command-line arguments (as one of reasons - SCM doesn’t put any parameter into the service’s command line).

  2. As one of possible solutions I see the kind of checking the parent process that has run my service and to see if it is a services.exe. And if this is so consider to enable call to ‘StartServiceControlDispatcher’.

What would you say?

When running as a service your application executes in the local system account.
When running as a normal application it executes in the account of the logged-in user.
So try to get the process access token and look at the account.
A good starting point should be the "Windows NT security" article in MSDN.

PaoloC
----- Original Message -----
From: Andrew Sloven
To: NT Developers Interest List
Sent: Tuesday, March 11, 2003 5:20 AM
Subject: [ntdev] Running under Service Control Manager...


Not necessarily... you set up a service to run as a user.

-Jeff

-----Original Message-----
From: PaoloC [mailto:xxxxx@tin.it]
Sent: Tuesday, March 11, 2003 12:15 PM
To: NT Developers Interest List
Subject: [ntdev] Re: Running under Service Control Manager...


Sure, I can change the account the service uses to start up. It’s not a good
condition to check.

Andrew.

----- Original Message -----
From: “Curless, Jeffrey”
To: “NT Developers Interest List”
Sent: Wednesday, March 12, 2003 3:24 AM
Subject: [ntdev] Re: Running under Service Control Manager…


> Is there any way to determine whether an application was started from service control
> manager to start a service control dispatcher or not. I don’t want to call
> ‘StartServiceControlDispatcher’ if the application was started by the user from one of the
Open the current token, then get its groups and look for the INTERACTIVE
well-known SID in them. Services have no such SID, while interactive
apps have it.

Max

No, the service can be set up to execute from any user account.

The INTERACTIVE well-known group is the key.

Max

But what about interactive services? Do they have the ‘interactive’ group or not?
I was also advised to check ‘services’ group on win2k. What would you say?

Andrew

----- Original Message -----
From: “Maxim S. Shatskih”
To: “NT Developers Interest List”
Sent: Friday, March 14, 2003 1:48 AM
Subject: [ntdev] Re: Running under Service Control Manager…

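The token-group check Max describes, extended to also look at the SERVICE group Andrew asks about, as an added example that is not code from the thread. The names `run_mode`, `classify_groups` and `detect_run_mode` are made up here; the Win32 part compiles only on Windows, and other platforms get just the decision rule with a constructed input.

```c
#include <stdio.h>
#include <stdlib.h>
typedef enum { RUN_INTERACTIVE, RUN_SERVICE, RUN_UNDECIDED } run_mode;

/* Rule from the thread: no INTERACTIVE group means "treat as a service".
   INTERACTIVE plus SERVICE is the case the thread leaves open: undecided. */
run_mode classify_groups(int has_interactive, int has_service)
{
    if (!has_interactive) return RUN_SERVICE;
    return has_service ? RUN_UNDECIDED : RUN_INTERACTIVE;
}

#ifdef _WIN32
#include <windows.h>
/* Walk the process token's groups; an unreadable token stays undecided. */
run_mode detect_run_mode(void)
{
    SID_IDENTIFIER_AUTHORITY nt = SECURITY_NT_AUTHORITY;
    PSID inter = NULL, svc = NULL;
    HANDLE tok = NULL;
    TOKEN_GROUPS *g = NULL;
    DWORD len = 0, i;
    int has_i = 0, has_s = 0, ok = 0;
    if (AllocateAndInitializeSid(&nt, 1, SECURITY_INTERACTIVE_RID, 0, 0, 0, 0, 0, 0, 0, &inter) &&
        AllocateAndInitializeSid(&nt, 1, SECURITY_SERVICE_RID, 0, 0, 0, 0, 0, 0, 0, &svc) &&
        OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &tok)) {
        GetTokenInformation(tok, TokenGroups, NULL, 0, &len);   /* size query */
        g = (TOKEN_GROUPS *)malloc(len);
        ok = g && GetTokenInformation(tok, TokenGroups, g, len, &len);
        for (i = 0; ok && i < g->GroupCount; i++) {
            if (EqualSid(g->Groups[i].Sid, inter)) has_i = 1;
            if (EqualSid(g->Groups[i].Sid, svc))   has_s = 1;
        }
    }
    free(g);
    if (tok) CloseHandle(tok);
    if (inter) FreeSid(inter);
    if (svc) FreeSid(svc);
    return ok ? classify_groups(has_i, has_s) : RUN_UNDECIDED;
}
#endif

int main(void)
{
    run_mode m = classify_groups(1, 0);   /* constructed input for non-Windows builds */
#ifdef _WIN32
    m = detect_run_mode();
#endif
    printf("run mode: %d\n", (int)m);
    return 0;
}
```

A `RUN_UNDECIDED` result is where the command-line debug switch from the original question would make the call.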