Re: Hardening the Scheduler Service
From: Marius Huse Jacobsen (mahuja_at_c2i.net)
Date: 12/27/03
- Previous message: Kurt Dillard: "RE: Hardening the Scheduler Service"
- In reply to: James Bowman: "Hardening the Scheduler Service"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 27 Dec 2003 08:09:36 -0800 To: focus-ms@securityfocus.com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hello James,
Tuesday, December 23, 2003, 7:45:29 AM, you wrote:
JB> Anyone have experience modifying / supplanting the task scheduler
JB> service to run under another user auspice, similar to "chrooting"
JB> under win2k / XP?
JB> If so, how are scheduled tasks affected? Can we still run jobs as
JB> other users, or are they bound to the service account?
JB> Here's the real issue - we need a way to delegate to sys admins
JB> the ability to modify and schedule their own jobs, in their own
JB> user space, possibly invoking system binaries, all without much
JB> security dept. intervention.
I think somebody made a version of cron that runs on windows. It might
be easier to use that than to mess with the task scheduler.
Other than that, there might be a possibility using the AT command,
perhaps recursively. I believe it's part of the 'resource kit'.
- --
Best regards,
Marius mailto:mahuja@c2i.net
-----BEGIN PGP SIGNATURE-----
iQA/AwUBP+2uwJfZ2CSWpu1rEQJS8gCbBwuS1VbJtYDhrJBYzHolI2ZfMN4AoJNK
dYNnp+6UVd9tVtq69WcW7wfO
=TLuW
-----END PGP SIGNATURE-----
---------------------------------------------------------------------------
---------------------------------------------------------------------------
- Previous message: Kurt Dillard: "RE: Hardening the Scheduler Service"
- In reply to: James Bowman: "Hardening the Scheduler Service"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
