It's a needed feature as sometimes you need to run things only after the ramdisk is created/available.
Like running anything trying to write to it (or else it fails), unpacking something, etc.
I am thinking about the privileges given to the script or executable. By default, the GUI gives administrative privileges, and the service used at system startup gives the privileges of "System" user.
And at startup, there is no window displayed.
We also have to consider that at system startup, there may be no logged user.
Are these conditions acceptable?
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Typically at starup we don't have any user logged in unless they have fast fingers or no password at login. The only thing I'd be worrying about in this situation is the script integrity - that is it shouldn't be editable w/o admin priviledges to "sort of" prevent abuse by malware (and perhaps not runable if it is - like you can't login with ssh key if authorized_keys permissions are wrong). Having some sort of checksum in registry and verification of it before execution will be great as well.
Not sure how to handle the permissions on files created while the script is run (like chown/chmod for Windows) - sometimes you may need things to user-writable, somentimes not - probably it can be handled in the script itself.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
The parameters are stored in HKEY_LOCAL_MACHINE, so in any case administrative privileges are required to select another script.
So if the script has proper access rights, it should not need to add something else.
I think I'll try to run it under session 0 ("System" user) even with the GUI, in order to keep exact same privileges at startup. But this means that no window will be displayed.
Besides, it also means that you will be able to limit the access rights of the script to "System" user for even more security.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Could be interesting indeed. I'll see what I can do.
I am thinking about the privileges given to the script or executable. By default, the GUI gives administrative privileges, and the service used at system startup gives the privileges of "System" user.
And at startup, there is no window displayed.
We also have to consider that at system startup, there may be no logged user.
Are these conditions acceptable?
Typically at starup we don't have any user logged in unless they have fast fingers or no password at login. The only thing I'd be worrying about in this situation is the script integrity - that is it shouldn't be editable w/o admin priviledges to "sort of" prevent abuse by malware (and perhaps not runable if it is - like you can't login with ssh key if authorized_keys permissions are wrong). Having some sort of checksum in registry and verification of it before execution will be great as well.
Not sure how to handle the permissions on files created while the script is run (like chown/chmod for Windows) - sometimes you may need things to user-writable, somentimes not - probably it can be handled in the script itself.
The parameters are stored in HKEY_LOCAL_MACHINE, so in any case administrative privileges are required to select another script.
So if the script has proper access rights, it should not need to add something else.
I think I'll try to run it under session 0 ("System" user) even with the GUI, in order to keep exact same privileges at startup. But this means that no window will be displayed.
Besides, it also means that you will be able to limit the access rights of the script to "System" user for even more security.