0

I am using Windows Service inside my EXE package.

And I am trying to understand what the difference between these two codes:

First code:

this.serviceProcessInstaller1.Account = System.ServiceProcess.ServiceAccount.LocalSystem;

Second code:

this.serviceProcessInstaller1.Account = System.ServiceProcess.ServiceAccount.LocalSystem;
this.serviceProcessInstaller1.Password = null;
this.serviceProcessInstaller1.Username = null;

I noticed that in the second code, my service can't access a user space, like to get a list of all running processes, but in the first one it is possible. Why is it a such difference? Where I can read more about it?

Rougher
  • 834
  • 5
  • 19
  • 46
  • There should not be any difference between those two code samples - [Username](https://learn.microsoft.com/en-us/dotnet/api/system.serviceprocess.serviceprocessinstaller.username?view=netframework-4.8.1#remarks): "If Account is any value other than User, the specified account (local or network service, or local system) is used" – Damien_The_Unbeliever Aug 08 '23 at 05:58
  • @Damien_The_Unbeliever But is it okay that my service can access processes list? Should not it be some separation between service and a User session? – Rougher Aug 08 '23 at 06:05
  • I suppose you have actually read the documentation on the [Local System Account](https://learn.microsoft.com/en-us/windows/win32/services/localsystem-account)? It tells you it's a high privilege account with more permissions than most services would require but you've still chosen to use it rather than LocalService, NetworkService or a named account where you set the permissions. Why are you surprised? – Damien_The_Unbeliever Aug 08 '23 at 06:07
  • Ok. Maybe I didn't understand how a session separation works. Did you try to create service with Username/Password are NULL? In your case it works as usual? – Rougher Aug 08 '23 at 06:25

0 Answers0