Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Dealing with security on IPC remoting channel

I am trying to run a service under a different user account from the application that will access the service via remoting.

While under the same account everything is fine, but as soon as I use different accounts, I get an access denied error while trying to open the IPC port.

Is there something I am missing, as I can't see from the MSDN docs what is supposed to be done.

Thanks

like image 924
leppie Avatar asked Nov 06 '22 15:11

leppie


1 Answers

FYI

Here is a link to the MSDN page that defines the authorizedGroup attribute: Server Channel Properties and here is the article on Authentication with the IPC Channel.

The key paragraph is

When an IpcServerChannel is created, an Access Control List (ACL) is created for the channel. By default, the ACL only contains the credentials the server application is running under. To communicate with the channel, the client (and therefore the IpcClientChannel) must run under the same credentials. You can, however, specify a Windows user or User group in the IPC server channel configuration that allows that user or group of users to access the channel.

like image 134
grahamesd Avatar answered Nov 13 '22 17:11

grahamesd