Thread: [GD-Windows] Getting an user's security details
Brought to you by:
vexxed72
From: <ce...@ce...> - 2003-06-21 14:08:17
|
Hey all, I'm developing a cron-like service for win2k and above and I need to run = processes as different users (not as .\LocalSystem). The problem I'm = having is that I don't know how to find out an user's password in order = to log on as that user and run commands in his/her security context. = I've searched MSDN for about four hours and I couldn't fnd any good = information regarding this. Thanks in advance, Adrian |
From: Colin F. <cp...@ea...> - 2003-06-21 16:13:08
|
Viruses have the same problem... I bet RealNetworks would kill to learn a good answer, too. Pesky security! --- Colin ----- Original Message ----- From: "Adrian Cearnău" <ce...@ce...> To: <gam...@li...> Sent: Saturday, June 21, 2003 7:08 AM Subject: [GD-Windows] Getting an user's security details Hey all, I'm developing a cron-like service for win2k and above and I need to run processes as different users (not as .\LocalSystem). The problem I'm having is that I don't know how to find out an user's password in order to log on as that user and run commands in his/her security context. I've searched MSDN for about four hours and I couldn't fnd any good information regarding this. Thanks in advance, Adrian |
From: <ce...@ce...> - 2003-06-21 16:21:45
|
Humm, thinking about how I could do that on Linux - use sudo. That would mean using runas under Windows, but there has to be a nicer way. ----- Original Message ----- From: "Colin Fahey" <cp...@ea...> To: <gam...@li...> Sent: Saturday, June 21, 2003 6:59 PM Subject: Re: [GD-Windows] Getting an user's security details > > Viruses have the same problem... I bet RealNetworks > would kill to learn a good answer, too. Pesky security! > > --- Colin > > > ----- Original Message ----- > From: "Adrian Cearnău" <ce...@ce...> > To: <gam...@li...> > Sent: Saturday, June 21, 2003 7:08 AM > Subject: [GD-Windows] Getting an user's security details > > > Hey all, > > I'm developing a cron-like service for win2k and above and I need to > run processes as different users (not as .\LocalSystem). The problem > I'm having is that I don't know how to find out an user's password in > order to log on as that user and run commands in his/her security > context. I've searched MSDN for about four hours and I couldn't fnd > any good information regarding this. > > Thanks in advance, > Adrian > > > > > ------------------------------------------------------- > This SF.Net email is sponsored by: INetU > Attention Web Developers & Consultants: Become An INetU Hosting Partner. > Refer Dedicated Servers. We Manage Them. You Get 10% Monthly Commission! > INetU Dedicated Managed Hosting http://www.inetu.net/partner/index.php > _______________________________________________ > Gamedevlists-windows mailing list > Gam...@li... > https://lists.sourceforge.net/lists/listinfo/gamedevlists-windows > Archives: > http://sourceforge.net/mailarchive/forum.php?forum_id=555 > > |
From: Ivan-Assen I. <as...@ha...> - 2003-06-21 16:23:28
|
You are looking for a function like GetCurrentUserPassword() ? That's a very bad idea, and I'd be very surprised if such a function existed. Imagine someone walking in on to your PC while you're on lunch break and running a small exe calling that function. He would be able to gain much more control over your PC (and possibly your life, if you, like the vast majority of users, reuse passwords) than he has just by having temporary physical access. He could change your password. He could set your password to expire. He could log in with the same password to other services. Notice that Win2K-s own cron-like security service (Scheduled Tasks) asks you for a users's password when you specify you need to run a task as a certain password. Actually, Unices have been doing just fine for decades without having the passwords themselves stored anyway - just their one-way encrypted (hashed) form. regards, Assen PS. What's wrong with Scheduled Tasks? |
From: Adrian C. <ce...@ce...> - 2003-06-21 16:37:49
|
I *don't* want the password, I just want to start a process that uses another user's security credentials/rights. I don't wanna store the password anywhere, just like in the one-way security system you yourself mentioned. Oh, and I'm just learning how to create services, and I tought a cron-alike would be cool to create. ----- Original Message ----- From: "Ivan-Assen Ivanov" <as...@ha...> To: <gam...@li...> Sent: Saturday, June 21, 2003 7:22 PM Subject: RE: [GD-Windows] Getting an user's security details > You are looking for a function like GetCurrentUserPassword() ? > That's a very bad idea, and I'd be very surprised if such a function > existed. > > Imagine someone walking in on to your PC while you're on > lunch break and running a small exe calling that function. > He would be able to gain much more control over your PC > (and possibly your life, if you, like the vast majority of > users, reuse passwords) than he has just by having temporary > physical access. He could change your password. He could > set your password to expire. He could log in with the same > password to other services. > > Notice that Win2K-s own cron-like security service (Scheduled Tasks) > asks you for a users's password when you specify you need to > run a task as a certain password. > > Actually, Unices have been doing just fine for decades without > having the passwords themselves stored anyway - just their > one-way encrypted (hashed) form. > > regards, > Assen > > PS. What's wrong with Scheduled Tasks? > > > > ------------------------------------------------------- > This SF.Net email is sponsored by: INetU > Attention Web Developers & Consultants: Become An INetU Hosting Partner. > Refer Dedicated Servers. We Manage Them. You Get 10% Monthly Commission! > INetU Dedicated Managed Hosting http://www.inetu.net/partner/index.php > _______________________________________________ > Gamedevlists-windows mailing list > Gam...@li... > https://lists.sourceforge.net/lists/listinfo/gamedevlists-windows > Archives: > http://sourceforge.net/mailarchive/forum.php?forum_id=555 > > |
From: Ivan-Assen I. <as...@ha...> - 2003-06-21 16:43:12
|
> I *don't* want the password, I just want to start a process > that uses another user's security credentials/rights. I don't > wanna store the password anywhere, just like in the one-way > security system you yourself mentioned. OK, running a process as another user without his express permission (embodied as his password) is just a bit less evil than obtaining his password. > Oh, and I'm just learning how to create services, and I > tought a cron-alike would be cool to create. Well - do what Scheduled Tasks does and ask for the users's password. |
From: Adrian C. <ce...@ce...> - 2003-06-21 16:55:06
|
Yeah well, I'll do that. I just tought it would be possible to create processes in a way similar to Linux's sudo, where you don't need to type the password for an user if you're, for example, root. Thanks, Adrian ----- Original Message ----- From: "Ivan-Assen Ivanov" <as...@ha...> To: <gam...@li...> Sent: Saturday, June 21, 2003 7:42 PM Subject: RE: [GD-Windows] Getting an user's security details > > I *don't* want the password, I just want to start a process > > that uses another user's security credentials/rights. I don't > > wanna store the password anywhere, just like in the one-way > > security system you yourself mentioned. > > OK, running a process as another user without his > express permission (embodied as his password) > is just a bit less evil than obtaining his password. > > > Oh, and I'm just learning how to create services, and I > > tought a cron-alike would be cool to create. > > Well - do what Scheduled Tasks does and ask for > the users's password. > > > > ------------------------------------------------------- > This SF.Net email is sponsored by: INetU > Attention Web Developers & Consultants: Become An INetU Hosting Partner. > Refer Dedicated Servers. We Manage Them. You Get 10% Monthly Commission! > INetU Dedicated Managed Hosting http://www.inetu.net/partner/index.php > _______________________________________________ > Gamedevlists-windows mailing list > Gam...@li... > https://lists.sourceforge.net/lists/listinfo/gamedevlists-windows > Archives: > http://sourceforge.net/mailarchive/forum.php?forum_id=555 > > |
From: Ted H. <ted...@ho...> - 2003-06-21 16:50:03
|
I believe that the keyword to search for on MSDN is "impersonation". -Ted ----- Original Message ----- From: "Adrian Cearnau" <ce...@ce...> To: <gam...@li...> Sent: Saturday, June 21, 2003 9:37 AM Subject: Re: [GD-Windows] Getting an user's security details > I *don't* want the password, I just want to start a process that uses > another user's security credentials/rights. I don't wanna store the password > anywhere, just like in the one-way security system you yourself mentioned. > > Oh, and I'm just learning how to create services, and I tought a cron-alike > would be cool to create. > > ----- Original Message ----- > From: "Ivan-Assen Ivanov" <as...@ha...> > To: <gam...@li...> > Sent: Saturday, June 21, 2003 7:22 PM > Subject: RE: [GD-Windows] Getting an user's security details > > > > You are looking for a function like GetCurrentUserPassword() ? > > That's a very bad idea, and I'd be very surprised if such a function > > existed. > > > > Imagine someone walking in on to your PC while you're on > > lunch break and running a small exe calling that function. > > He would be able to gain much more control over your PC > > (and possibly your life, if you, like the vast majority of > > users, reuse passwords) than he has just by having temporary > > physical access. He could change your password. He could > > set your password to expire. He could log in with the same > > password to other services. > > > > Notice that Win2K-s own cron-like security service (Scheduled Tasks) > > asks you for a users's password when you specify you need to > > run a task as a certain password. > > > > Actually, Unices have been doing just fine for decades without > > having the passwords themselves stored anyway - just their > > one-way encrypted (hashed) form. > > > > regards, > > Assen > > > > PS. What's wrong with Scheduled Tasks? > > > > > > > > ------------------------------------------------------- > > This SF.Net email is sponsored by: INetU > > Attention Web Developers & Consultants: Become An INetU Hosting Partner. > > Refer Dedicated Servers. We Manage Them. You Get 10% Monthly Commission! > > INetU Dedicated Managed Hosting http://www.inetu.net/partner/index.php > > _______________________________________________ > > Gamedevlists-windows mailing list > > Gam...@li... > > https://lists.sourceforge.net/lists/listinfo/gamedevlists-windows > > Archives: > > http://sourceforge.net/mailarchive/forum.php?forum_id=555 > > > > > > > > ------------------------------------------------------- > This SF.Net email is sponsored by: INetU > Attention Web Developers & Consultants: Become An INetU Hosting Partner. > Refer Dedicated Servers. We Manage Them. You Get 10% Monthly Commission! > INetU Dedicated Managed Hosting http://www.inetu.net/partner/index.php > _______________________________________________ > Gamedevlists-windows mailing list > Gam...@li... > https://lists.sourceforge.net/lists/listinfo/gamedevlists-windows > Archives: > http://sourceforge.net/mailarchive/forum.php?forum_id=555 > |
From: Adrian C. <ce...@ce...> - 2003-06-23 20:11:27
|
Ah well I searched for that in MSDN, not to worry :) The problem is that I'm a wee bit bone-headed and can't figure out how to do the impersonation if the user ain't logged. Any info on this matter will prove most helpful. Thanks a bunch, Adrian ----- Original Message ----- From: "Ted Howard" <ted...@ho...> To: <gam...@li...> Sent: Saturday, June 21, 2003 7:49 PM Subject: Re: [GD-Windows] Getting an user's security details > I believe that the keyword to search for on MSDN is "impersonation". > > -Ted > > ----- Original Message ----- > From: "Adrian Cearnau" <ce...@ce...> > To: <gam...@li...> > Sent: Saturday, June 21, 2003 9:37 AM > Subject: Re: [GD-Windows] Getting an user's security details > > > > I *don't* want the password, I just want to start a process that uses > > another user's security credentials/rights. I don't wanna store the > password > > anywhere, just like in the one-way security system you yourself mentioned. > > > > Oh, and I'm just learning how to create services, and I tought a > cron-alike > > would be cool to create. > > > > ----- Original Message ----- > > From: "Ivan-Assen Ivanov" <as...@ha...> > > To: <gam...@li...> > > Sent: Saturday, June 21, 2003 7:22 PM > > Subject: RE: [GD-Windows] Getting an user's security details > > > > > > > You are looking for a function like GetCurrentUserPassword() ? > > > That's a very bad idea, and I'd be very surprised if such a function > > > existed. > > > > > > Imagine someone walking in on to your PC while you're on > > > lunch break and running a small exe calling that function. > > > He would be able to gain much more control over your PC > > > (and possibly your life, if you, like the vast majority of > > > users, reuse passwords) than he has just by having temporary > > > physical access. He could change your password. He could > > > set your password to expire. He could log in with the same > > > password to other services. > > > > > > Notice that Win2K-s own cron-like security service (Scheduled Tasks) > > > asks you for a users's password when you specify you need to > > > run a task as a certain password. > > > > > > Actually, Unices have been doing just fine for decades without > > > having the passwords themselves stored anyway - just their > > > one-way encrypted (hashed) form. > > > > > > regards, > > > Assen > > > > > > PS. What's wrong with Scheduled Tasks? > > > > > > > > > > > > ------------------------------------------------------- > > > This SF.Net email is sponsored by: INetU > > > Attention Web Developers & Consultants: Become An INetU Hosting Partner. > > > Refer Dedicated Servers. We Manage Them. You Get 10% Monthly Commission! > > > INetU Dedicated Managed Hosting http://www.inetu.net/partner/index.php > > > _______________________________________________ > > > Gamedevlists-windows mailing list > > > Gam...@li... > > > https://lists.sourceforge.net/lists/listinfo/gamedevlists-windows > > > Archives: > > > http://sourceforge.net/mailarchive/forum.php?forum_id=555 > > > > > > > > > > > > > > ------------------------------------------------------- > > This SF.Net email is sponsored by: INetU > > Attention Web Developers & Consultants: Become An INetU Hosting Partner. > > Refer Dedicated Servers. We Manage Them. You Get 10% Monthly Commission! > > INetU Dedicated Managed Hosting http://www.inetu.net/partner/index.php > > _______________________________________________ > > Gamedevlists-windows mailing list > > Gam...@li... > > https://lists.sourceforge.net/lists/listinfo/gamedevlists-windows > > Archives: > > http://sourceforge.net/mailarchive/forum.php?forum_id=555 > > > > > ------------------------------------------------------- > This SF.Net email is sponsored by: INetU > Attention Web Developers & Consultants: Become An INetU Hosting Partner. > Refer Dedicated Servers. We Manage Them. You Get 10% Monthly Commission! > INetU Dedicated Managed Hosting http://www.inetu.net/partner/index.php > _______________________________________________ > Gamedevlists-windows mailing list > Gam...@li... > https://lists.sourceforge.net/lists/listinfo/gamedevlists-windows > Archives: > http://sourceforge.net/mailarchive/forum.php?forum_id=555 > > |
From: brian s. <pud...@po...> - 2003-06-21 16:47:06
|
Or if you really want cron, what's wrong with downloading cygwin? On Saturday, June 21, 2003, at 09:22 AM, Ivan-Assen Ivanov wrote: > > PS. What's wrong with Scheduled Tasks? --brian |
From: Adrian C. <ce...@ce...> - 2003-06-24 07:10:14
|
Yes I know I've got all these options, but why not a) learn a little while b) having fun doing something useful? Thanks, Adrian ----- Original Message ----- From: "brian sharon" <pud...@po...> To: <gam...@li...> Sent: Saturday, June 21, 2003 7:47 PM Subject: Re: [GD-Windows] Getting an user's security details > Or if you really want cron, what's wrong with downloading cygwin? > > On Saturday, June 21, 2003, at 09:22 AM, Ivan-Assen Ivanov wrote: > > > > PS. What's wrong with Scheduled Tasks? > > --brian > > > > ------------------------------------------------------- > This SF.Net email is sponsored by: INetU > Attention Web Developers & Consultants: Become An INetU Hosting Partner. > Refer Dedicated Servers. We Manage Them. You Get 10% Monthly Commission! > INetU Dedicated Managed Hosting http://www.inetu.net/partner/index.php > _______________________________________________ > Gamedevlists-windows mailing list > Gam...@li... > https://lists.sourceforge.net/lists/listinfo/gamedevlists-windows > Archives: > http://sourceforge.net/mailarchive/forum.php?forum_id=555 > > |