locked
Run an application that never dies RRS feed

  • Question

  • Greetings,

    what is the best approach to run a WPF application that never dies and cannot be killed by users

    I used two approaches to solve this problem but both have an issue

    *****A- Elevate the privilatge of the the process to admin:

    cons:

    1- can not touch the process anymore. for example, can't minimize footprint

    2- users can simply click on log out and then cancel the log out, the application will be killed by the system and will not run again.

    3- user can kill the process before it elevates even if it was the first line in code.

    4- user can kill the threads of the process therefore causing it to crash

    *****B- Create a Windows Service that runs the application when ever it dies

    cons:

    1- not recommended as work needs to be done to run the interactive window in current logged in user as per MSDN blog

    "Launching an interactive process from Windows Service in Windows Vista and later"

    ****C- have two applications that watch each other

    cons:

    1- can not touch the process anymore. for example, can't minimize footprint

    2- users can simply click on log out and then cancel the log out, the application will be killed by the system and will not run again.

    3- user can kill the process before it elevates even if it was the first line in code.

    4- user can kill the threads of the process therefore causing it to crash

    Monday, May 23, 2016 7:04 AM

Answers

  • Microsoft has implemented special steps for anti-malware software in order to protect them from being turned off or bypassed.  These exceptions to the norms applied to ordinary software are described at Protecting Anti-Malware Services
    • Edited by RLWA32 Tuesday, May 24, 2016 10:40 AM
    • Proposed as answer by Jan Ringoš Thursday, May 26, 2016 8:54 AM
    • Marked as answer by Xavier Xie-MSFT Wednesday, June 8, 2016 2:41 AM
    Tuesday, May 24, 2016 10:40 AM

All replies

  • At all your requirement "WPF application that never dies and cannot be killed by users" sounds strange to me.

    To your 3 approaches:
    An permanent elevated process is never be a good idea. Something like that may be an security risk. You should keep in mind that this process must be started "in a way".

    A windows service will not work at al, as you said, a service does not have an interaction to the user.

    Two applications that watch each other, will also not really work. You must only fast enough to kill the processes than you application is not vilible anymore.

    I give you the advice to think about your reqirement. Maybe it is possible to use a "normal" applications and if some changes are done the application will store this changes and if the application is closed nothing is lost and if you start it again the latest changes will be loaded.
    Also an combination of a Windows service and a normal GUI application could be a solution. Basically the complete functonality is in the windows service. The GUI and the service communicate using IPC with each other and if the GUI is closed only the "visible part" of your application is closet, the service is still running.


    Best regards

    Bordon

    Note: Posted code pieces may not have a good programming style and may not perfect. It is also possible that they do not work in all situations. Code pieces are only indended to explain something particualar.

    Monday, May 23, 2016 8:17 AM
  • Raymond Chen had an interesting take on "unkillable" programs.  The relevant blog entries are at https://blogs.msdn.microsoft.com/oldnewthing/20130620-00/?p=4033/ and https://blogs.msdn.microsoft.com/oldnewthing/20040216-00/?p=40603

    Monday, May 23, 2016 10:19 AM
  • Thanks, however,

    in our case, we have an app that display users log in name on the screen. this application is always on top and I've written code to make sure of it.

    the reason is to make users think twice before taking screen shots or take a picture with his phone and leaking the information.

    so yes, I need this WPF to be unkillable.

    I need your help to achieve this please

    Monday, May 23, 2016 12:08 PM
  • Any user can take a screen shot or a phone pic and then remove or redact personally identifying information with Paint or any other image editor.  The image editing can be accomplished anywhere.

    It seems to me that clear communication of company policy concerning confidentiality and consequences of violations would be appropriate in the circumstance.
    • Edited by RLWA32 Monday, May 23, 2016 12:16 PM
    Monday, May 23, 2016 12:13 PM
  • in our case, we have an app that display users log in name on the screen. this application is always on top and I've written code to make sure of it.

    the reason is to make users think twice before taking screen shots or take a picture with his phone and leaking the information.

    so yes, I need this WPF to be unkillable.

    In your special case when the screen content is such top secret, the PCs in your network should have disabled all USB Ports, no disk drives and optical drives, of course I forgot, no internet connection.

    This will reach your goal better......


    Best regards

    Bordon

    Note: Posted code pieces may not have a good programming style and may not perfect. It is also possible that they do not work in all situations. Code pieces are only indended to explain something particualar.

    Monday, May 23, 2016 12:28 PM
  • Greetings,

    we have taken the measures you have mentioned and we know that any editing tool can remove the id. However, displaying the user id helped reduced data leakage.

    Now my questions is technical, I think you could have said that it can not be done and that is it instead of changing the subject and starting to discuss if we need this or not!!

    Tuesday, May 24, 2016 4:16 AM
  • by the way, just so that I understand. how is that mctry "Macfee" process can not be killed? how come even if I log out and then cancel log out it doesn't die?

    all what I want is to have the same behavior, is it something related to installation?

    Tuesday, May 24, 2016 5:22 AM
  • Microsoft has implemented special steps for anti-malware software in order to protect them from being turned off or bypassed.  These exceptions to the norms applied to ordinary software are described at Protecting Anti-Malware Services
    • Edited by RLWA32 Tuesday, May 24, 2016 10:40 AM
    • Proposed as answer by Jan Ringoš Thursday, May 26, 2016 8:54 AM
    • Marked as answer by Xavier Xie-MSFT Wednesday, June 8, 2016 2:41 AM
    Tuesday, May 24, 2016 10:40 AM