locked
Windows 7 to XP migration: Security Issue RRS feed

  • Question

  • Hello All,

    I am working on a migration project from Win XP to Win 7

    I am facing a problem on windows 7 when I start an interactive application from a custom service with a different user name.

    We a have windows service (named as “MyAppHostingService”) which is running under SYSTEM account and is configured as Automatic startup. This service is responsible to start and monitor several interactive applications. This service starts all the interactive apps under a different user (Lets say “MyApplicationUser”) by using CreateProcessAsUser API. MyApplicationUser is not a admin user.

    When I login under any general user without admin rights, MyAppHostingService will start automatically under the SYSTEM account and will start several frontend applications under  “MyApplicationUser”. Now when I go the task manager, I have the following problems:

    1)      Under the process tab I can see all the application running under “MyApplicationUser” although I have not logged in as “MyApplicationUser” or as admin user

     

    2)      I am able to kill all application running under “MyApplicationUser”

    The same scenario under windows xp the user is able to see the application but cant kill it as the logged in user does not have rights to do so.

    Any idea why this could happen and how can I solve this issue.

    Regards,

    Mahesh

    Wednesday, February 23, 2011 4:33 AM