|
The LocalSystem Account
The LocalSystem account is a predefined local account used by system
processes. The name of the account is .\System. This account does not have a password.
If you specify the LocalSystem account in a call to the CreateService function, any password information you supply is ignored.
A service that runs in the context of the LocalSystem account inherits the
security context of the SCM. It is not associated with any logged-on user account
and does not have credentials (domain name, user name, and password) to be used
for verification. This has several implications:
- The service cannot open the registry key HKEY_CURRENT_USER.
- The service can open the registry key HKEY_LOCAL_MACHINE\SECURITY.
- The service has limited access to network resources, such as shares and pipes,
because it has no credentials and must connect using a null session. The
following registry key contains the NullSessionPipes and NullSessionShares values, which are used to specify the pipes and shares to which null sessions
may connect:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\
LanmanServer\Parameters
Alternatively, you could add the REG_DWORD value RestrictNullSessAccess to the key and set it to 0 to allow all null sessions to access all pipes and
shares created on that machine.
- The service cannot share objects with other applications, unless they are
opened using a DACL which allows a user or group of users access or NULL DACL,
which allows everyone access. Specifying a NULL DACL is not the same as specifying
NULL, which means that access is only granted to applications with the same
security context. For more information, see Allowing Access.
- If the service opens a command window and runs a batch file, the user could
hit CTRL+C to terminate the batch file and gain access to a command window with
LocalSystem permissions.
| Last news from Greatis Software |
 |
|
Nostalgia .Net |
|
.Net is powerful, but not all-powerful, so sometimes we need to use Win32 API for our .Net applications. It's simple enough with Platform Invoke if you have Win32 skill, but we do not always have time to dig the ancient documentation, declare the special types that are compatible with Win32, find the values of the Win32's constants and so on. Nostalgia .Net offers several simple-to-use classes, and components that will allow you to forget about the headache of Win32 and just use the power of Win32 in your application the same way as you use the native. Net classes. More » |
| Recommended software for developers |
 |
|
Ultimate Pack |
|
Component pack for Delphi and C++ Builder that contains runtime form designer, runtime object inspector, print suite and much more for the very special price. More » |
 |
|
Form Designer .Net |
|
Unique runtime form design solution that allows to edit any form in .Net WinForms application at runtime with full source codes for only 300 euro! More » |
 |
|
Print Suite .Net |
|
Print Suite .Net is a set of components for easy printing texts, images and grids from your WinForms applications. Full C# source codes are available More » |
 |
|
Gradient Controls .Net |
|
Gradient Controls .Net offers controls with gradient background feature. Labels, panels and so on... Full C# source codes are available More » |
 |
|
Greatis iGrid |
|
iGrid plots drawing grid right over your desktop, so you can use it everywhere, with any drawing application without any special plugins for different graphic editors. More » |
All the contacts and projectsDmitry Vasiliev (just.dmitry)
Related LinksSoftware for Visual Studio .NET developers
Software for Delphi and C++ Builder developers
Software for Visual Basic 6 developers
Delphi Tips&Tricks
MegaDetailed.NET More Online Helps Win32 Programmer's Reference
Win32 Multimedia Programmer's Reference
OLE Programmer's Reference
Microsoft Windows Pen API Programmer's Reference
Microsoft Windows Sockets 2 Reference
Microsoft Windows Telephony API (TAPI) Programmer's Reference
Unix Manual Pages
|
