[Mongrel] Mongrel as Windows service with normal privileges
Luis Lavena
luis at area17.com
Thu Jun 5 09:46:31 EDT 2008
On Thu, Jun 5, 2008 at 3:00 PM, Ingmar Stieger <ml at stiegerhs.de> wrote:
> [...]
>
> runas /user:web proc_info.exe
>
> *** CURRENT PROCESS ***
> EnumProcessModules (PID, name): 3904 proc_info.exe
> Module32First (PID, name): 3904 proc_info.exe
> GetProcessImageFileName (PID, name): 3904
> \Device\HarddiskVolume5\Temp\proc_info
> .exe
>
> *** PARENT PROCESS ***
> EnumProcessModules (PID, name): 244 Error with OpenProcess
> GetLastError: 5Zugriff verweigert
> <unknown>
> Module32First (PID, name): 244 Error Creating Snap (SNAPMODULE)
> GetLastError: 5Zugriff verweigert
> <unknown>
> GetProcessImageFileName (PID, name): 244 Error with OpenProcess
> GetLastError: 5Zugriff verweigert
> <unknown>
> Press Enter.
>
Hmn, looks like user web user is too limited to do anything.
> Zugriff verweigert = Access denied.
>
> I think this confirms my suspicion that the normal user "web" may not query
> the parent process. What do you think ?
>
How normal is normal? I mean, it can log in? it has applied some group
policy stuff in it?
Just for the sake of testing, can you create a "limited" account using
the control panel and try running proc_info.exe with it?
With that info maybe I can figure out what's wrong.
Thanks for your time,
--
Luis Lavena
AREA 17
-
Human beings, who are almost unique in having the ability to learn from
the experience of others, are also remarkable for their apparent
disinclination to do so.
Douglas Adams
More information about the Mongrel-users
mailing list