|Subject:||What SIDS need permisions to start my service?|
|Posted by:||John S (Joh…@discussions.microsoft.com)|
|Date:||Tue, 8 May 2007|
Here is the short version. I have an application which has a service
component. It is a requirement that the service component be running only
when the application is running, so AutoStart is not an option.
I want to grant the following permissions on my service
to all users on the local machine. Currently I am granting this access to
Everyone, Users, and Guest. This approach definitely gives permisions to the
accounts i need.. but is this a securty risk (I am only concerned about
security risks involving remote attacks, not ones that originate from the
local machine). Should i be granting access to just "Guest and Users" or
maybe "Guests and Authenticated Users"? Also note, the machines may or may
not be on a domain.. the target os is 2k,xp,vista(32/64). This may be
deployed on a large number of laptops (and i mean laaarrrggge).
Can anyone shed some light on this issue?