Use Windows scheduled task instead of a Windows service for application update

RESOLVED WONTFIX

Toolkit
Application Update
6 years ago

People

(Reporter: briansmith, Unassigned)

Tracking

Trunk
x86
Windows 7

Firefox Tracking Flags

(Not tracked)

Details

Split out from the discussion in bug 708778, especially imelven's comments.

I do not know if this is a good idea or not, so this might be WONTFIX or INVALID.

See http://en.wikipedia.org/wiki/Windows_Task_Scheduler#Bugs for one reason why it might be a bad idea.
Keywords: sec-review-needed

Comment 2

6 years ago
I'd just like to point out that "scheduled tasks" don't actually have to be scheduled, and can in fact have an ACL configured to allow any user account to "trigger" them. Kinda like setuid, but not running in the context of the triggering user.

Services can be configured in this way too, so as to not actually run unless triggered.
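
The comment above notes that a service's ACL can let ordinary users trigger it; a reviewer can check which principals actually hold that right. The following is an added example, not code from this bug or from the project: it parses the SDDL text that `sc.exe sdshow <service>` prints and lists non-admin principals allowed to start or reconfigure the service. The service names and SDDL strings are constructed for illustration.

```python
import re

# SDDL right codes as they apply to service objects.
START = {"RP", "GX", "GA"}                    # SERVICE_START, or a generic right that includes it
RECONFIGURE = {"DC", "GW", "GA", "WD", "WO"}  # SERVICE_CHANGE_CONFIG, WRITE_DAC, WRITE_OWNER
HEX_BITS = {0x2: "DC", 0x10: "RP", 0x40000: "WD", 0x80000: "WO",
            0x10000000: "GA", 0x20000000: "GX", 0x40000000: "GW"}
# Well-known SID aliases that include ordinary, non-admin users.
BROAD = {"WD": "Everyone", "AU": "Authenticated Users", "IU": "Interactive",
         "BU": "Builtin Users", "AN": "Anonymous"}

def rights_of(field):
    """Decode an ACE rights field given as two-letter codes or as a hex mask."""
    if field.lower().startswith("0x"):
        mask = int(field, 16)
        return {code for bit, code in HEX_BITS.items() if mask & bit}
    return set(re.findall(r"[A-Z]{2}", field))

def allow_aces(sddl):
    """Yield (trustee, rights) for each allow ACE in the DACL part only."""
    dacl = sddl.split("D:", 1)[1].split("S:", 1)[0] if "D:" in sddl else ""
    for ace in re.findall(r"\(([^)]*)\)", dacl):
        fields = ace.split(";")
        if len(fields) >= 6 and fields[0] == "A":
            yield fields[5], rights_of(fields[2])

def audit(name, sddl):
    """List broad principals that may start or reconfigure the service.
    Deny ACEs are not evaluated, so treat results as candidates to review."""
    findings = []
    for trustee, rights in allow_aces(sddl):
        if trustee in BROAD and rights & RECONFIGURE:
            findings.append((name, BROAD[trustee], "can reconfigure"))
        elif trustee in BROAD and rights & START:
            findings.append((name, BROAD[trustee], "can start"))
    return findings

# Constructed SDDL strings in the format `sc.exe sdshow <service>` prints.
SAMPLES = {
    "LockedDown": "D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCLCSWLOCRRC;;;IU)"
                  "S:(AU;FA;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;WD)",
    "OnDemandUpdater": "D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCLCSWRPLOCRRC;;;BU)",
    "Misconfigured": "D:(A;;CCDCLCSWRPWPDTLOCRRC;;;AU)(A;;0x14;;;IU)",
}

if __name__ == "__main__":
    for svc, sd in SAMPLES.items():
        print(svc, audit(svc, sd))
```

A "can start" finding is expected for a service designed to be triggered on demand; a "can reconfigure" finding for a broad principal is the one that needs fixing.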

assigning to imelven as he is embedded on this project
Whiteboard: [secr:imelven]

Regarding this link:
http://weblogs.asp.net/jgalloway/archive/2005/10/24/428303.aspx

This is not applicable to what we're using a service for. The link talks about it being a bad idea to implement a scheduled operation via a service, but we are not executing a scheduled operation. We are executing an on-demand operation.

:imelven - can we get an update for this bug, is it still needed and if so do we need to reassign the sec review due to re org?
Whiteboard: [secr:imelven] → [sec-assigned:imelven]

Comment 6

6 years ago
(In reply to Curtis Koenig [:curtisk] from comment #5)
> :imelven - can we get an update for this bug, is it still needed and if so
> do we need to reassign the sec review due to re org?

I don't believe this bug is currently planned to be worked on - probably check with rstrong and bbondy

please assign to someone else for security review if this bug proceeds
Whiteboard: [sec-assigned:imelven]

I don't see a benefit to this bug and do not think it will be worked on. Just a quick note that any elevated admin account can run a process that creates a service as a system account and then start that service.

Marking as WONTFIX for now assuming no one has strong objections.
Status: NEW → RESOLVED
Last Resolved: 6 years ago
Resolution: --- → WONTFIX

removing the sec-review flag, if we need this we can come back to this stuff
Keywords: sec-review-needed