Securing Windows Service Applications
-
08-07-2019 - |
Question
Is there any way to restrict users with administrative privileges from managing specific Windows service based applications? I would like to restrict administrators from stopping or re-starting my service very similar to the Windows event log service. What are some of the more popular approaches or recommended approaches to securing services followed by product vendors (like antivirus applications, firewalls etc where the service has to be running continuously)?
Solution 2
Here is one approach using access control - http://support.microsoft.com/?kbid=288129
OTHER TIPS
To remove the stop option from the service management mmc. With .net service you:
ServicesToRun = new ServiceBase[] { new Service1() };
ServicesToRun[0].CanStop = false;
With win32 see the SERVICE_STATUS structure and SetServiceStatus function documentation. Did not test this option.
That said, I don't think ( and hope I am right ) that there is possibility, in user space, to prevent the administrator from stopping a service. The admin can still stop the service by killing the process from taskmanager or taskkill.