WinAPI Reference
WinAPI Programmer's References
Win32
Win32 Multimedia
OLE
Pen API
Sockets 2
Telephony API (TAPI)

Websites for programmers
Delphi Tips&Tricks
Unix Manual Pages
MegaDetailed.Net

Software for programmers
Delphi components
.Net components

Free Components For Delphi and C++ Builder

The LocalSystem Account

The LocalSystem account is a predefined local account used by system processes. The name of the account is .\System. This account does not have a password. If you specify the LocalSystem account in a call to the CreateService function, any password information you supply is ignored.

A service that runs in the context of the LocalSystem account inherits the security context of the SCM. It is not associated with any logged-on user account and does not have credentials (domain name, user name, and password) to be used for verification. This has several implications:

  • The service cannot open the registry key HKEY_CURRENT_USER.

  • The service can open the registry key HKEY_LOCAL_MACHINE\SECURITY.

  • The service has limited access to network resources, such as shares and pipes, because it has no credentials and must connect using a null session. The following registry key contains the NullSessionPipes and NullSessionShares values, which are used to specify the pipes and shares to which null sessions may connect:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\
LanmanServer\Parameters

Alternatively, you could add the REG_DWORD value RestrictNullSessAccess to the key and set it to 0 to allow all null sessions to access all pipes and shares created on that machine.

  • The service cannot share objects with other applications, unless they are opened using a DACL which allows a user or group of users access or NULL DACL, which allows everyone access. Specifying a NULL DACL is not the same as specifying NULL, which means that access is only granted to applications with the same security context. For more information, see Allowing Access.

  • If the service opens a command window and runs a batch file, the user could hit CTRL+C to terminate the batch file and gain access to a command window with LocalSystem permissions.


Programming books recommended by Amazon.com

More programming books on Amazon.com