Re: Out of Process execution and .NET
From: Rory Plaire (_no_spam_no_rplaire_no_spam_no__at_peak.org)
Date: 11/06/03
- Previous message: Andy Fraser: "Re: Forms Auth keeps going to logon page"
- In reply to: charlie: "Re: Out of Process execution and .NET"
- Next in thread: charlie: "Re: Out of Process execution and .NET"
- Reply: charlie: "Re: Out of Process execution and .NET"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 05 Nov 2003 15:00:03 -0800
"charlie" <charlie@nunya.com> expressed in the message known far and wide by the name news:Dp9qb.293$y84.246677627@newssvr11.news.prodigy.com thusly:
Hi charlie,
> I am toying with a new approach that basically bypasses the security restrictions I have encountered. I will impersonate a Domain Account so that I can copy the RTF files locally (this works just fine), then perform the .EXE merge and conversion. When all is said and done, I will clean up the files that were copied locally.
I would really advocate for a different approach, since this is a security weakness of the highest sort.
> I will also investigate the COM+ approach but I have a feeling that the old garbage collection issues will come up again. This is a process that will get quite a bit of activity during peak periods so I can't have memory leaks.
I don't think so, since COM+ was actually engineered with .Net and the CLR in mind... (actually, it was going to be part of it, but the development of the CLR lagged, and COM+ could be delivered with benefits to the emerging trend of distributed applications).
One of the things that COM+ can do is to keep objects instantiated and running in a pool. This is a boon for distributed apps, like an ASP.Net app, since it calls the COM+ object to do some work, and then disconnects, but the object sticks around waiting to service more clients. You can have the COM+ objects impersonating whatever account you want that has network rights wherever you would like (though I would still advocate a Domain User with specifically tailored rights, rather than a blanket Domain Admin account), and enforce specific access restrictions based on client and on role (COM+ role-based security is very fine-grained). Object recycling and memory issues are dealt with in the best possible manner with these techniques, in a proven execution environment.
Here's what I did: I created a .Net app in C# which uses System.EnterpriseServices (a.k.a. COM+) to keep a number of objects running which will copy files from one place on the network to somewhere else. I created an ASP.Net application which impersonates the caller (using the Windows Principal available through NTLM authentication). If the caller is a privileged account (Domain Admin) then the ASP.Net application calls the COM+ component in the Admin role, and files can be copied or moved literally anywhere, since we have administrative shares on all our computers. When the account is not privileged, it is mapped to a different COM+ role, and only file copying from one specific share on a certain machine to another specific share on the web app box can be accomplished. Very secure yet flexible, since it relies on the Domain to authenticate the principal, and leverages the intrinsic objects available in the ASP.Net application. COM+ roles would also allow us to add another role in the future and add Domain users and/or groups to accomplish copy/move operations to other machines.
> Thanks for your suggestions. I will post my results when they have been tested out and proven to work.
>
> Charlie
I hope to hear of your work...
kindly,
-rory 8)
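A sketch of the role-gated, pooled copy component Rory describes, written as an added example for this thread (not Rory's own code). The COM+ application name, role names and share paths are constructed placeholders; it assumes the ASP.Net caller is impersonating the authenticated Windows principal, so COM+ sees the Domain identity when it evaluates roles.

```csharp
using System;
using System.IO;
using System.EnterpriseServices;

// Assembly-level COM+ registration: server activation, access checks on
// at the component level, and the two roles the thread talks about.
// (Hypothetical names; a ServicedComponent assembly must also be strong-named.)
[assembly: ApplicationName("FileCopyExample")]
[assembly: ApplicationActivation(ActivationOption.Server)]
[assembly: ApplicationAccessControl(true, AccessChecksLevel = AccessChecksLevelOption.ApplicationComponent)]
[assembly: SecurityRole("Admin")]
[assembly: SecurityRole("RestrictedCopier")]

namespace FileCopyExample
{
    [ObjectPooling(MinPoolSize = 2, MaxPoolSize = 10)]   // objects stay alive between calls
    [ComponentAccessControl(true)]
    [SecureMethod]
    public class FileCopier : ServicedComponent
    {
        // Constructed placeholders: the single source/destination pair the
        // restricted role is allowed to use.
        const string AllowedSource = @"\\fileserver\rtfdrop\";
        const string AllowedDest   = @"\\webbox\rtfwork\";

        public void Copy(string source, string dest)
        {
            // Fail closed if the COM+ application was registered without access checks.
            if (!ContextUtil.IsSecurityEnabled)
                throw new UnauthorizedAccessException("COM+ access checks are disabled");

            if (!ContextUtil.IsCallerInRole("Admin"))
            {
                // Non-admins must hold the restricted role AND stay inside the
                // permitted shares; canonicalize first so "..\" segments and
                // mixed separators cannot escape the prefix check.
                if (!ContextUtil.IsCallerInRole("RestrictedCopier") ||
                    !IsUnder(source, AllowedSource) || !IsUnder(dest, AllowedDest))
                    throw new UnauthorizedAccessException("Path not permitted for this role");
            }

            File.Copy(source, dest, false);   // never overwrite silently
        }

        static bool IsUnder(string path, string root)
        {
            string full = Path.GetFullPath(path);
            return full.StartsWith(Path.GetFullPath(root), StringComparison.OrdinalIgnoreCase);
        }
    }
}
```

Adding a third role for another machine is then a matter of another SecurityRole attribute and another allowed prefix pair, with users or groups assigned to the role in Component Services rather than in code.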