According to msdn :
ASP.NET Web page and server control code executes in the context of the ASP.NET worker process on the Web server. If you use the Start method in an ASP.NET Web page or server control, the new process executes on the Web server with restricted permissions. The process does not start in the same context as the client browser, and does not have access to the user desktop.
Which account precisely is the "restricted permissions" ?
Example :
RoyiN
BobK
at web.config ( all over the site)W3WP
user is UserA
(not network nor ApplicationPoolIdentity).In C# I do Process.start("....cmd.exe...")
( with Startinfo
credentials as : "Martin
","Password
","Domain
")
Who is the efficient account
which finally runs cmd.exe
?
To whom "restricted permissions" is actually regarding ?
Start(String)Starts a process resource by specifying the name of a document or application file and associates the resource with a new Process component. public: static System::Diagnostics::Process ^ Start(System::String ^ fileName); C# Copy.
Start another application using your . NET code As a . NET method, Start has a series of overloads, which are different sets of parameters that determine exactly what the method does. The overloads let you specify just about any set of parameters that you might want to pass to another process when it starts.
C# Process class provides Start method for launching an exe from code. The Process class is in the System. Diagnostics namespace that has methods to run a .exe file to see any document or a webpage. The Process class provides Start methods for launching another application in the C# Programming.
Kill() Immediately stops the associated process.
Impersonation won't come into play here, since under the hood, Process.Start
is relying on one of two native Win32 calls:
If ProcessStartInfo.UserName is provided:
CreateProcessWithLogonW(startInfo.UserName, startInfo.Domain, ...)
CreateProcessWithLogonW
And if not:
CreateProcess(null, cmdLine, null, null, true, ...)
CreateProcess
The null
s passed into CreateProcess are what's probably biting you; from MSDN:
The lpSecurityDescriptor member of the structure specifies a security descriptor for the main thread. If lpThreadAttributes is NULL or lpSecurityDescriptor is NULL, the thread gets a default security descriptor. The ACLs in the default security descriptor for a thread come from the process token.
Note it says from process token, not calling thread - the impersonated identity doesn't get a chance to join the party since it's bound to the thread.
I believe the MSDN entry refers to the fact that even if impersonation is enabled and you're under a specific user context, the new process will be spawned by the process - and impersonation occurs at thread level. That said, i do believe it would run under the 'UserA' context.
Here's the pertinent KB entry:
http://support.microsoft.com/kb/889251
Notice that the same entry describes how to use CreateProcessAsUser to allow for impersonation.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With