0

We have an exe which actually checks the contents of a folder and then kicks off a windows service to do some processing on the files in that folder. So, we made this exe as part of System start up program so it runs everytime the system reboots/starts.

Now the user is very annoyed as he gets pop up for UAC everytime he restarts. But we need to have admin rights for this exe as it kicks off a windows service. Therefore I researched and found a couple of solns for this prob. This and This But couldn't decide which is better and less vulnerable for security implications. Another potential solution can be in the code of .exe itself detect the system start up and if we have any content in the target folder then only ask for UAC from user and kick off the windows service . Else just don't run the exe. I am not sure how to do this in C++. Any pointers would be helpful. If there is any better solution, always welcome.

Community
  • 1
  • 1
Programmerzzz
  • 1,237
  • 21
  • 48
  • 1
    Why start a service from an application? Why not just let windows start the service and send it a message from the application? – user4581301 Jul 28 '15 at 04:35
  • Can u elaborate a bit more with more details.. – Programmerzzz Jul 28 '15 at 04:49
  • 1
    You do realize that if you configure the service for automatic start, Windows will start it for you each time the system boots? It isn't obvious from your post why you want an application involved at all. Why not just have the service and nothing else? – Harry Johnston Jul 28 '15 at 05:29
  • This acts as an in erface between parent app and windows service itself...it shows the user the status of processing that service will do on the contents of the folder.... – Programmerzzz Jul 28 '15 at 05:49
  • The first link (disable UAC) would piss me off even more than the UAC warning. In fact, turning off security might make you liable for any subsequent security problem. – MSalters Jul 28 '15 at 09:23

2 Answers2

0

You probably want to use Task Scheduler here.
Just create a task as part of the install process, with "When the computer starts" as the trigger, and set the "Run with highest privileges" security option.

Robotski
  • 38
  • 1
  • 7
  • That's what we are doing here right? But through an application though which would run on the system start-up – Programmerzzz Jul 28 '15 at 04:50
  • Yes, you would make a scheduled task to run your exe at startup, and "Run with highest privileges" would suppress the UAC prompt so you could start the service. – Robotski Jul 28 '15 at 04:56
  • Okay...sounds good....since the user will just install a tool through which our exe will also be installed/copied ..you mean to create this task on every user machine? Or just create this task programmatically when the parent tool installs? In either case do you have some sample code which we can tweak to start off? – Programmerzzz Jul 28 '15 at 04:59
0

The problem is that you're mixing up the system and user sessions.

If the processing of those files is done on behalf of a user, it probably should not be done by a service. What if two users wanted their files processed? What security context should the service use for that? And obviously you shouldn't need Administrator right to process some user files.

If the service is performing some system-level task, it shouldn't depend on a user. And in fact running at startup suggests you want this mode. (User applets start at login, not after reboot). The main problem in your design therefore seems to be that you try to run an app (with UI) at the wrong moment which requires far too many permissions (causing UAC). Redesign the service so that it does all the tasks which require admin permissions, and when installing the service set it to start automatically. This still requires UAC at installation, but that is when UAC is expected.

MSalters
  • 173,980
  • 10
  • 155
  • 350
  • Only one user will be using the system all the time. He just logs in , completes a process which triggers this exe. This checks for files in a folder and kicks off a Windows Service which takes care of it from then. So, Service is not performing a System level task. Its just a mean to take those files in the folder and upload it to another server on a different machine. Thats all its intended for. – Programmerzzz Jul 28 '15 at 16:21
  • @Programmerzzz: IMO that means you shouldn't be using a service in the first place. A regular application would work as well. You might even consider [BITS](https://msdn.microsoft.com/en-us/library/aa362708(v=vs.85).aspx) – MSalters Jul 29 '15 at 00:14
  • This makes sense, but this app was written like 10+ years ago and I was long in queue working on this. If I have to change the implementation, I am not sure to what extent it needs to be revamped. Tell me one more thing, Do we need Admin right compulsorily to start/Stop/Query the status of a Windows Service even through an App? – Programmerzzz Jul 29 '15 at 00:26
  • @Programmerzzz: Windows has user-based security, apps are irrelevant. By default, "Local authenticated users" miss [`SERVICE_START` rights](https://msdn.microsoft.com/en-us/library/windows/desktop/ms685981(v=vs.85).aspx). This is [fixable](https://msdn.microsoft.com/en-us/library/windows/desktop/aa379589(v=vs.85).aspx) – MSalters Jul 29 '15 at 00:36