Larry Smith said:
That's a specious argument since MSFT is not the final arbiter on what's
good or bad for the programming community. Someone made the call to
provide it but they've provided many things over the years that weren't
widely adopted or necessarily good. In this case it's my judgment that
they provided it simply for ease-of-use. That's a good thing but it
doesn't mean it's the ideal platform for writing a service and IMO it's
usually not. A service is normally low-level by nature since it usually
runs under the System account as a member of the TCB (Trusted Computing
Base).
Not at all, services should run with the least priviliges possible (don't
make the same mistake now that MS has made 15 years ago), Services should
run as "Local Service" or "Network Service", running as SYSTEM is considered
a serious security threat.
is to provide an-going (usually non-interactive) service of some type,
equivalent to a native OS service really. It should therefore have a small
footprint with few dependencies. .NET is a behemoth that doesn't lend
itself well to this. The OS itself does.
Let me see, I have a couple of native (MSFT) services running that consume
between 110 and 175MB (dwm.exe) on Vista, these are no .NET services, do you
call these low-level, small footprint, what about Exchange, SQLServer are
these also low-level services? Or do you consider them low-level because
they are written in C++? Or do you consider the CLR and a couple of BCL
libraries too much overhead?
Note that a managed process as a larger base footprint but this is just
overhead because of the runtime, once you add code this overhead gets less
important, especially when you have multiple managed applications loaded
(not necessarely services), because a lot of the code can be shared as of
V2.
That sounds good in theory but in practice few services require
OS-specific function calls. The same core APIs that most people rely on to
write a service have been around for many years now. They usually work
without issue from one version of Windows to the next so it's rarely a
consideration. Other issues you mentioned are valid but only to a point.
Privileges are required to perform certain tasks for instance whether you
use .NET or not.
Not at all, you don't need special privileges because of .NET, you need them
to call some of the WIN32 API's, sure if you run all of your services as
SYSTEM, all of the possible privileges are enabled and this not an issue,
but then you are running in the worse possible environment security wise.
But if you run with the "Least Privileges" enabled, you cannot call every
API you like without enabling the privileges, and here is where the problem
starts, and what forces user applications run as administrator, but again
these day's are gone with Vista and Windows Server2008.
If you don't have a required privilege in your token then how will .NET
help here. It will fail unless the .NET security mechanism relies on
another system I'm not familiar with (circumventing the standard Windows
security model). Even if you do have a privilege in your token it may be
disabled (most are by default) in which case it needs to be explicitly
enabled to work (even when running under the System account though most
are enabled by default - this is not the case for most other accounts
however including the administrator account itself)..Does NET do this in
any or all cases? I'm not a .NET expert so I don't know. I do believe
you're simplifying the situation however as .NET is not a panacea. Many of
these issues still need to be considered even though .NET is obviously
easier to work with (which is not in dispute)..
WMI runs as another service (as Network Service"), all calls from
System.Management (the WMI wrapper) are executed by this service, and this
service takes care about authentication authorization and enabling of
"privileges" required by the WMI method actually requested. Each WIM class
method clearly states (in the metabase) which "privilege" is required to
execute a certain method, WMI enables the privilege by adjusting his token,
all the user user has to do is a simple set the EnablePrivileges property
for the duration of the connection of for the duration of the call. No need
to PInvoke the security API's, which would be necessary when calling the
API4s directly from C# or any other managed language, as the FCL don't
expose most of these API's.
In my (long) experience WMI is not widely used in most organizations.
Note that WMI was included with W2K only, earlier versions of NT based OSses
did not come with WMI installed, now W2K and up come with WMI installed,
Vista and Windows2008 (which adds +200 new classes to the pack) can't live
without WMI and most major services like Exchange, SQLServer need WMI for
management purposes, even the CLR exposes it's counter data through WMI and
Office11 and 12 do use WMI to expose some of it's features and statistics .
Other services and appications (take perfmon) in the system heavely rely on
WMI as well, disable WMI and you kill these services too, stop this service
and the system will restart it automatically
That's
not a judgment call on WMI itself since I have tinkered with it on
occasion. It is an observation however. IMO the real issue is the OS
itself. I agree with the overall sentiment of your arguments but the
Windows API is what really needs to be changed to facilitate a simpler
(and version-agnostic) model. While that may not happen anytime soon since
MSFT is probably frightened to do it (and for good reason), the API is
really showing its age now. I don't believe .NET is always the answer
however and sometimes you just have to rely on the OS directly (or at
least it should be strongly considered for certain tasks like services).
I never said .NET was the solution for all problems in software business,
this is even not the point of this discussion, I believe that it only
accounts for a small but growing portion of the tasks at hand, what's
important is that it enables solutions that were previously too hard (which
in general means too expensive) to implement. It's an enabling technology,
no more no less.
In the company I work for, we have > 80000 PC's managed using SMS and MOM,
and some other management tools that also run in top of WMI, these tools,
built by major companies like IBM and HP, completely rely on WMI.
Willy.