Closed
Bug 710428
Opened 13 years ago
Closed 13 years ago
Use Windows scheduled task instead of a Windows service for application update
Categories
(Toolkit :: Application Update, defect)
Tracking
()
RESOLVED
WONTFIX
People
(Reporter: briansmith, Unassigned)
Details
Split out from the discussion in bug 708778, especially imelven's comments.
I do not know if this is a good idea or not, so this might be WONTFIX or INVALID.
See http://en.wikipedia.org/wiki/Windows_Task_Scheduler#Bugs for one reason why it might be a bad idea.
|
Reporter | |
Updated•13 years ago
|
Keywords: sec-review-needed
|
|
Reporter | |
Comment 1•13 years ago
|
||
|
||
Comment 2•13 years ago
|
||
I'd just like to point out that "scheduled tasks" don't actually have to be scheduled, and can in fact have an ACL configured to allow any user account to "trigger" them. Kinda like setuid, but not running the context of the triggering user.
Services can be configured in this way too, so as to not actually run unless triggered.
assigning to imelven as he is embedded on this project
Whiteboard: [secr:imelven]
|
||
Comment 4•13 years ago
|
||
Regarding this link:
http://weblogs.asp.net/jgalloway/archive/2005/10/24/428303.aspx
This is not applicable to what we're using a service for. The link talks about it being a bad idea to implement a scheduled operation via a service, but we are not executing a scheduled operation. We are executing an on demand operation.
:imelven - can we get an update for this bug, is it still needed and if so do we need to reassign the sec review due to re org?
Whiteboard: [secr:imelven] → [sec-assigned:imelven]
|
||
Comment 6•13 years ago
|
||
(In reply to Curtis Koenig [:curtisk] from comment #5)
> :imelven - can we get an update for this bug, is it still needed and if so
> do we need to reassign the sec review due to re org?
i don't believe this bug is currently planned to be worked on - probably check with rstrong and bbondy
please assign to someone else for security review if this bug proceeds
Whiteboard: [sec-assigned:imelven]
|
|
||
Comment 7•13 years ago
|
||
I don't see a benefit to this bug and do not think it will be worked on. Just a quick note that any elevated admin account can run a process that creates a service as a system account and then start that service.
Marking as WONTFIX for now assuming no one has strong objections.
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → WONTFIX
removing the sec-review flag, if we need this we can come back to this stuf
Keywords: sec-review-needed
You need to log in
before you can comment on or make changes to this bug.
Description
•