Windows application protection

Is there a way to restrict users with administrative rights from managing specific Windows based applications? I would like to restrict administrators to stopping or restarting a service very similar to the Windows Event Log service. What are some of the most popular approaches or recommended approaches to security, followed by product vendors (e.g. antivirus applications, firewalls, etc., where the service should run at all times)?


source to share

2 answers

Here is one approach using access control -



To remove the stop option from the mmc service manual. With a .net service, you:

ServicesToRun = new ServiceBase[] { new Service1() };
ServicesToRun[0].CanStop = false;


With win32, see the SERVICE_STATUS structure and the SetServiceStatus functional documentation. Haven't tested this option.

However, I don't think (and hope I am right) that there is a way in user space to prevent the admin from stopping. The administrator can still stop the service by killing the process from taskmanager or taskkill.



All Articles