Re: The problem with NT services ...

[Maxime Rousseau <mrousseau () SECURED ORG>]

Hello,

> Restricting folder permission while installing the
> product will not help if installed in the FAT
> partition, right?

Well, there you have it exactly. There is -no- security on a FAT disk. That
is just one of the oh-so-many ways to become admin on a FAT box. The correct
solution to the problem you point out would be to restrict access in the
WINNT folder to Admins. Sometimes this is not even done on boxes with NTFS.

> There could be many other ways, but what came to mind
> was ... just opening the service application's
> executable file in the exclusive mode as part of the
> service initialising process. And finally as part of
> clean up close that file handle. That's it.

Thats no substitute for a NTFS drive. Then you just drop your exec in the
Startup folder of the admin or something else.

> But I am not sure of the down side of this method. Is
> there any other better way?

NTFS - the only way


Have fun,

M.