XMLWordPrintable

    Details

    • Type: Sub-task
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: Windows Implementation
    • Labels:
    • Environment:
      Windows

      Description

      There is a Windows Service being created to ensure GPII is started at login, and continues to run. For the purpose of GPII-2338, it needs to be running as LocalSystem (part of the OS, higher than Administrator) in order to start GPII as the user who is logging on.

      It can also provide a way to perform certain tasks on behalf of the GPII process, such as storing secrets (GPII-2237) or functionality requiring a higher privilege than the current user.

      To prevent privilege escalation, there needs to be a mechanism that ensures only the GPII process is making these requests.

      The following factors make this tricky:

      • The GPII process is running as the current user; a rogue process will have the same privileges.
      • The Windows Service outside the session/context of the logged on user. This limits the available IPC methods.
      • The actual process interacting with the service may be different to the one started by the service.

      TL-DR: The final answer is in this comment

      See also:

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              stegru Steve Grundell
              Reporter:
              stegru Steve Grundell
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: