|
-
March 15th, 2003, 08:57 AM
#1
 NT Security
How could an application write in a file in which the current logged user can not, under Windows NT/2000/XP ?
This to avoid the accidentally modify/delete this file by an unauthorized user, using notepad, for example.
Thanks!
-
March 15th, 2003, 05:06 PM
#2
You can't do that. The application will only have the rights of the user that started it. You can however implement your program as a NT service.
Another method is to impersonate a user; doing an interactive login and running the process as another (more powerful) user. But that is more like log out and then log in with another user again.
There are lots of info about how to write NT service programs (see codeguru articles and the MSDN web site).
If your app should work more or less like a normal app (having a GUI etc), but needs to protect a file in the way you mentioned, I would implement a very limitted NT service program which only task is the create/write/delete the mentioned file. Your service program and your app need some sort of communication, like named pipes, shared memory, sockets, RPCs or COM.
Good luck.
PS. All this only applies to NT/W2K/XP... On Win9x, you can't do much about it :-(
-
March 18th, 2003, 03:56 AM
#3
 Thanks
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
Click Here to Expand Forum to Full Width
|
Reply With Quote
