I need to be able to start a console application in the security context of
a user with very limited rights, on a Win 2003 computer:
- file write only to several directories
- file read only to other directories
- no create process abilities
- no network access
and probably other additional restrictions.
My question is, what is the right approach in creating a group, user
account and configuring all values to make sure I don't leave any security
holes while granting it a minimum of rights to be able to perform its task.
It is not obvious how to do this just from inspecting the various security
settings and policies.
This application will be started by a Windows service by callinig the Win32
API CreateProcessAsUser, so there is no need for direct user interaction
with this application.
Any information or pointers to resources will be appreciated.
Re: Enumerating Windows Network Resources ... what privilege do you mean? ... in Administrative tools folder go to Local security policy... but it will use my account. ... Everyone - only limited rights and -- ... (microsoft.public.dotnet.languages.csharp)
Re: [PATCH 00/16] Permit filesystem local caching [try #3] ... running in the security context of either the aforementioned ... The cache driver acts on behalf of someone else. ... the cache driver doesn't have a security context per se. ... context as which the VFS routines act, but rather gets them from the ... (Linux-Kernel)
Re: [PATCH 00/16] Permit filesystem local caching [try #3] ... running in the security context of either the aforementioned random ... The cache driver acts on behalf of someone else. ... one security context, but the cache itself has to have a different context so ... permitted to act as a context appropriate to accessing the cache, ... (Linux-Kernel)
Re: [PATCH 00/16] Permit filesystem local caching [try #3] ... running in the security context of either the aforementioned random ... The cache driver acts on behalf of someone else. ... one security context, but the cache itself has to have a different context so ... permitted to act as a context appropriate to accessing the cache, ... (Linux-Kernel)
Re: [PATCH 00/16] Permit filesystem local caching [try #3] ... running in the security context of either the aforementioned random ... The cache driver acts on behalf of someone else. ... one security context, but the cache itself has to have a different context so ... permitted to act as a context appropriate to accessing the cache, ... (Linux-Kernel)
