October 8
2008
Have you ever needed to execute a command (such as application, batch, script, etc.) on your server with administrator privileges?
Asp.net provides impersonation, that can be used to execute a piece of code with arbitrary credentials, but after examining a little the situation, i’ve came up that is not a good way for me; for various reasons, maybe the more importantly is that the LogonUser method used by impersonation requires that you use a password and that password has to come from somewhere. This means somewhere in your system you have to store this password and retrieve that password which can be compromised and then potentially be used to further penetrate security.
So i’ve implemented another simple method to obviate to this: basically a Windows Service installed on the server machine, running as administrator (or the preferred account), listening for the ServiceBase.OnCustomCommand method, which is invoked by an asp.net page by the ServiceController.ExecuteCommand method. The IPC (Inter-Process Communication) is implemented with a file, written by the asp.net page and read from the windows service, and that contains the command to execute.
Continue reading »
Linux
Bash scripting
The Lounge
Misc
Quotes
Wallpapers
Utilities
Windows Mobile