John M Deal said:
I've never done this myself (I've done windows services just not had the
need to display a window on the desktop) so you can take this however
you'd like. However I think you may have to configure the service to
allow interaction with the desktop.
No!! This is a very bad idea for security reasons : the windowing
system is absolutely unsecure and should not be used in privileged
contexts such as services. Google on "shatter attack" if you are
interested in the details.
Also, it could be that interactive services would be removed in the
next Windows release for this very security concern.
To the OP : You have several options:
- if you need a window in your external app *just* for a timer, do not
use windows at all and use another timer mechanism that doesn't need a
window (System.Threading.timer for example).
- if your external window really needs and use windows (because it is
a GUI app), you should get informed on the impersonnation / DACLs /
Window Station / Desktop mechanisms of Windows. As those concepts
aren't mapped in .NET (as far as I know), you should do a bit of
unmanaged calls (Win32 Security API calls) : look at the
SetProcessWindowStation / SetThreadDesktop functions. (complete C
example at
http://msdn.microsoft.com/library/d...ting_an_interactive_client_process_in_c__.asp).
Please note that you should use CreateProcessAsUser on an unprivileged
user account to avoid having an interactive process running under
SYSTEM account (always for the same shatter attack reason).
- as the 2nd option is a bit messy (especially when used in a .NET
environnement), you should perhaps reconsider your design : does your
service *really* needs to start an interactive process? Couldn't this
process be in the "Start" folder in the start menu of your user
instead? It's impossible to offer a better advice without more
knowledge about your app.
Arnaud
MVP - VC