security steps to allow webservice to run exe

[Billy Greening]

What are the steps needed to give my webservice adequate security
priveledges to run an exe?

Here is my basic webmethod:

Process proc = null;

ProcessStartInfo procInfo = new ProcessStartInfo("Notepad.exe");

procInfo.UseShellExecute = false;

procInfo.CreateNoWindow = true;

proc = Process.Start(procInfo);

proc.WaitForExit();

return "ok";



With the 'wait for exit' piece in there, it never returns anything. If I
take that out, the 'ok' result comes up fine. Either way, notepad never
pops up.

I have found several people with the same issue when searching on google,
but haven't found any real answers. Any help is greatly appreciated.
Thanks,

Billy

(e-mail address removed)

 

[Gary Chang[MSFT]]

Hi Billy,

Currently, we are looking into this problem. We will update you as soon as
we get anything out.


Thanks for your understanding!

Best regards,

Gary Chang
Microsoft Community Support
--------------------
Get Secure! ¡§C www.microsoft.com/security
Register to Access MSDN Managed Newsgroups!
http://support.microsoft.com/default.aspx?scid=/servicedesks/msdn/nospam.asp
&SD=msdn

This posting is provided "AS IS" with no warranties, and confers no rights.

 

[[MSFT]]

Hello Billy,

We cannot expect any windows form UI come from an ASP.NET application. The
"Notepad.exe" will be running in a different desktop and we cannot view
it. Anyway, you may find it in Task Manager.

From security, we need enough pemission to run such an application, for
example, we may need Read permission to the folder of "Notepad.exe" and
Write permission to temp folder. When you need to run such an application,
you may try impersonate in ASP.NET:

How to implement impersonation in an ASP.NET application
http://support.microsoft.com/default.aspx?scid=KB;EN-US;Q306158

Hope this help,

Luke