Why is "Act as part of the operating system" dangerous?


Arturo

Hello everybody:

I have a question: Why is "Act as part of the operating system"
dangerous? I have an application that will go live on Windows 2000,
and it impersonates a user; I have to enable it (it copies some files
in the server and creates a new IIS application on the server. That's
why it needs to impersonate a user). I am using LogonUser.

Thanks!

Arturo
 

Joe Kaplan (MVP - ADSI)

Act as Part of the Operating System allows the account to do stuff directly
in kernel mode, bypassing the entire Windows security system if it wants to.
Essentially, the account is equivalent to SYSTEM.

Does that answer the question adequately?

Did you consider the possibility of factoring out this code into a separate
component that could run under COM+ so that you could specify a particular
identity to run as? That would be much more secure? Alternately, moving to
2003 server fixes this problem as well.

Joe K.
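
An added example, not part of the original thread: because an account holding this right is effectively SYSTEM, it is worth checking which accounts have been granted it. The sketch below assumes the user-rights policy was exported with `secedit /export /cfg <file> /areas USER_RIGHTS` and decoded to text; the sample export and the account name in it are constructed, and treating only LocalSystem as an expected holder is an assumption.

```python
import configparser

# Constructed sample of a user-rights export. "WEBSRV01\svc_webdeploy" is a
# hypothetical service account that was granted the right so it could call
# LogonUser.
SAMPLE_EXPORT = r"""
[Unicode]
Unicode=yes
[Privilege Rights]
SeNetworkLogonRight = *S-1-1-0,*S-1-5-32-544
SeTcbPrivilege = *S-1-5-18,WEBSRV01\svc_webdeploy
SeBackupPrivilege = *S-1-5-32-544,*S-1-5-32-551
[Version]
signature="$CHICAGO$"
Revision=1
"""

# Assumption: only LocalSystem (SID S-1-5-18) is an acceptable holder.
EXPECTED = {"*S-1-5-18"}


def holders(export_text, right="SeTcbPrivilege"):
    """Return the principals assigned `right` in an exported policy."""
    parser = configparser.ConfigParser(
        interpolation=None, strict=False, delimiters=("=",)
    )
    parser.optionxform = str  # keep the privilege names' original case
    parser.read_string(export_text)
    if not parser.has_section("Privilege Rights"):
        return []
    # A right that nobody holds is simply absent from the export.
    raw = parser.get("Privilege Rights", right, fallback="")
    return [p.strip() for p in raw.split(",") if p.strip()]


def unexpected_holders(export_text):
    """Principals holding SeTcbPrivilege that are not in EXPECTED."""
    return [p for p in holders(export_text) if p.upper() not in EXPECTED]


if __name__ == "__main__":
    for principal in unexpected_holders(SAMPLE_EXPORT):
        print("SYSTEM-equivalent via SeTcbPrivilege:", principal)
```
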
 

Arturo

> Act as Part of the Operating System allows the account to do stuff directly
> in kernel mode, bypassing the entire Windows security system if it wants to.
> Essentially, the account is equivalent to SYSTEM.

Thanks, Joe. I think I will create a console application and call it.
That's the easiest solution so far. Thanks!

Arturo
 
