Hi, someone asked for a function to determine if a Win32 exe is running as a NT service? Use svccheck.c and svccheck.h, just call:
if (IsService(EXENAME_SERVICES,EXENAME_WINLOGON,SYSTEM_SID)) { ... } If you are running your service on a different account than the well known SYSTEM_SID, which is "S-1-5-18", then specify your specific one as the 3rd param (zero-terminated string). Rgs, Ingo. -----Ursprüngliche Nachricht----- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von Jeffrey Altman Gesendet: Freitag, 8. August 2003 19:37 An: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Betreff: Re: BUG: CreateToolhelp32Snapshot The reason that we go to all this trouble to examine alternative sources of randomness other than CryptGetRandom() is that Microsoft has refused to publish the sources of randomness which are used. Therefore, we have no ability to know whether or not the randomness reported by Windows is in fact random. The fundamental trouble with the ToolHelp32 and HKEY_PERFORMANCE_DATA when used in "Services" is that at the time the service is being loaded and this code may be executing we are unaware of what other services must first be loaded and initialized in order for them to work properly. We never hear of problems for client applications. Nor do I ever see problems with this code in the Internet Kermit Service when loaded on NT/2000/2003 server. The IKS installs a small Windows Service which then spawns processes which execute RAND_poll(). My assumption is that those users who are having problems do not have the proper set of dependencies set. Therefore, RAND_poll() is executed when the necessary conditions are not quite met. Of course, I have never had time to investigate this in detail. I wish I had the time. I wish we had a function that could determine if we were running as a service. If so, we might be able to tailor this code to behave differently. Jeffrey Altman Richard Levitte - VMS Whacker wrote: > cardbox> As for the Windows 2003 Server crash: I agree that disabling > cardbox> sections of code is a Bad Thing. What I've done (pending more > cardbox> people researching the problem) is to put > cardbox> BOOL bMJKGotRandomness=FALSE; > cardbox> at the start of RAND_poll > cardbox> bMJKGotRandomness=TRUE; > cardbox> when either of the CryptGenRandom calls succeeds. Then > cardbox> if (kernel) > cardbox> can become > cardbox> if (!bMJKGotRandomness && kernel) > cardbox> > cardbox> ... which seems a reasonably conservative way round the > cardbox> problem. [The variable name isn't vanity, it's just that I > cardbox> want to be able to recognise my own code so I know what > cardbox> patches to re-apply to later releases of OpenSSL]. > > OK, I'll look at that later today. > > cardbox> For those who are trying to reproduce the bug: I wonder if > cardbox> perhaps MS have decided that ToolHelp is too powerful to be > cardbox> safe and have started requiring that you have some sort of > cardbox> special permissions to access it. This is just a thought in > cardbox> case the bug turns out to be hard to reproduce. > > Hmm, again, I think "don't say it..." applies again. The gods may > have a wry sense of humor today, and you may get what you wish for > (regardless of whether you actually do or don't). > > *sacrifices a rubber ducky on a VAX altar* >
svccheck.zip
Description: Zip compressed data