Split out from the discussion in bug 708778, especially imelven's comments. I do not know if this is a good idea or not, so this might be WONTFIX or INVALID. See http://en.wikipedia.org/wiki/Windows_Task_Scheduler#Bugs for one reason why it might be a bad idea.
I'd just like to point out that "scheduled tasks" don't actually have to be scheduled, and can in fact have an ACL configured to allow any user account to "trigger" them. Kinda like setuid, but not running the context of the triggering user. Services can be configured in this way too, so as to not actually run unless triggered.
assigning to imelven as he is embedded on this project
Regarding this link: http://weblogs.asp.net/jgalloway/archive/2005/10/24/428303.aspx This is not applicable to what we're using a service for. The link talks about it being a bad idea to implement a scheduled operation via a service, but we are not executing a scheduled operation. We are executing an on demand operation.
:imelven - can we get an update for this bug, is it still needed and if so do we need to reassign the sec review due to re org?
Whiteboard: [secr:imelven] → [sec-assigned:imelven]
(In reply to Curtis Koenig [:curtisk] from comment #5) > :imelven - can we get an update for this bug, is it still needed and if so > do we need to reassign the sec review due to re org? i don't believe this bug is currently planned to be worked on - probably check with rstrong and bbondy please assign to someone else for security review if this bug proceeds
I don't see a benefit to this bug and do not think it will be worked on. Just a quick note that any elevated admin account can run a process that creates a service as a system account and then start that service. Marking as WONTFIX for now assuming no one has strong objections.
Status: NEW → RESOLVED
Last Resolved: 6 years ago
Resolution: --- → WONTFIX
removing the sec-review flag, if we need this we can come back to this stuf
You need to log in before you can comment on or make changes to this bug.