NT Service and COM
Michael Powe
michael at trollope.org
Sat Jun 23 14:15:31 EDT 2001
>>>>> "Duncan" == Duncan Booth <duncan at NOSPAMrcp.co.uk> writes:
Duncan> I have got a COM server working as a service now. The only
Duncan> problem left is security. If the service runs under my
Duncan> userid everything works fine, but if I install the service
Duncan> as the local system user (i.e. the default) then
Duncan> attempting to access the COM object throws a com error
Duncan> 'Access is denied'.
Give it its own userid and put it in the admin group or whatever
lesser group might be appropriate. The local system user has limited
rights, in order to protect system security.
Duncan> I'm not sure how to get round this. I can use DCOMCNFG to
Duncan> give access, but I feel I should be able to set the
Duncan> security from inside the process. Unfortunately I cannot
This would be a horrible security weakness if it is allowed. What's
to stop somebody from cracking a process and having it reset its own
security to, say, 'administrator' and having fun with the system?
mp
--
Michael Powe Portland, Oregon USA
'Unless we approve your idea, it will not be permitted, it will not be
allowed.' -- Hilary Rosen, President, Recording Industry Association
of America
More information about the Python-list
mailing list