W
WTH
I ask because I've got a windows service I've written that manages failover
and replication for our products (or even 3rd party applications) and it
worked great right until I tested it (for ease of testing purposes) with
Internet Explorer (iexplore.exe) - I was testing handling argument list
buffer overflows.
What I found with iexplore.exe is that because my windows service is running
with high privileges (due to running under the local system account) and it
was using CreateProcessAsUser to launch the browser into the logged in user
session (so the user could see the UI), explorer was detecting this as a
security violation (a high integrity process running in a low integrity user
session) and it was spawning a low integrity iexplore.exe process on its own
and the original iexplore.exe was terminating immediately (I am aware of
this because my service tracks the process IDs of the processes it creates
for failover purposes and these IDs do not match those of iexplore.exe for
more than a few tens of milliseconds.)
This isn't a big deal except that it enlightened me that I should not be
launching processes in a low integrity environment with my service's high
integrity security descriptor (I use the default.)
Anyone out there know how to create a low integrity security descriptor?
I've tried ConvertStringSecurityDescriptorToSecurityDescriptorW using
"S
ML;;NW;;;LW)" (which I believe means 'low integrity please') but it does
not appear to make any difference. iexplore.exe is still re-launching
itself.
Knowing .NET (I'm from a C++ background) there's a much smarter way to do
this, any pointers?
Thanks,
WTH
and replication for our products (or even 3rd party applications) and it
worked great right until I tested it (for ease of testing purposes) with
Internet Explorer (iexplore.exe) - I was testing handling argument list
buffer overflows.
What I found with iexplore.exe is that because my windows service is running
with high privileges (due to running under the local system account) and it
was using CreateProcessAsUser to launch the browser into the logged in user
session (so the user could see the UI), explorer was detecting this as a
security violation (a high integrity process running in a low integrity user
session) and it was spawning a low integrity iexplore.exe process on its own
and the original iexplore.exe was terminating immediately (I am aware of
this because my service tracks the process IDs of the processes it creates
for failover purposes and these IDs do not match those of iexplore.exe for
more than a few tens of milliseconds.)
This isn't a big deal except that it enlightened me that I should not be
launching processes in a low integrity environment with my service's high
integrity security descriptor (I use the default.)
Anyone out there know how to create a low integrity security descriptor?
I've tried ConvertStringSecurityDescriptorToSecurityDescriptorW using
"S
ML;;NW;;;LW)" (which I believe means 'low integrity please') but it doesnot appear to make any difference. iexplore.exe is still re-launching
itself.
Knowing .NET (I'm from a C++ background) there's a much smarter way to do
this, any pointers?
Thanks,
WTH