471,354 Members | 1,500 Online
Bytes | Software Development & Data Engineering Community
Post +

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 471,354 software developers and data experts.

How? Granting elevated privileges to a web service / kill a process

I need to be able to kill a process programmatically under ASP.NET. IIS
runs under the local system account. The user accessing the web is using
anonymous access.

We would prefer NOT to grant elevated security to the proxy used for
anonymous access. Is there a way to either establish a temporary
security context, programmatically for the .NET Framework Process.Kill
to operate under? Or perhaps a way to give the compiled binary produced
this privilege? We may be willing to hard code a username credential in
code in order to help limit the broad scope assignment of privileges.

The need for this comes from what I believe to be a bug in EXCEL. We use
automation in ASP.NET code. We wind everything down, call the various
closes, and release all references, but we find the web server to be
soon littered with many orphaned EXCEL processes. One for each instance
made via automation.

We have developed an approach to see the new EXCEL process being created
at the very moment we instance EXCEL, and track the PID. When we have
done absolutely everything we can to release the workbook, and close
EXCEL, and it still has not gone away, then we kill the process. This
has worked in many contexts, but falls on its face in an ASP.NET
webservice due to the fact that it has insufficient privileges.

Thanks for your help. Best regards - Lee Gillie, Spokane WA
Nov 19 '05 #1
1 3398
He Lee,

It seems to me that you'd want to create a special password-protected page
and implement impersonation for that page. The impersonation would use the
ID/password of an account that has sufficient privileges (admin?) to execute
Process.Kill.

http://msdn.microsoft.com/library/de...ersonation.asp

The account will have to have broad permissions:

"SecurityPermission for calling any members of System.Diagnostic.Process
with full trust. Associated enumeration: PermissionState.Unrestricted "

"Lee Gillie" <Le*@nospam.odp.com> wrote in message
news:42**************@nospam.odp.com...
I need to be able to kill a process programmatically under ASP.NET. IIS
runs under the local system account. The user accessing the web is using
anonymous access.

We would prefer NOT to grant elevated security to the proxy used for
anonymous access. Is there a way to either establish a temporary security
context, programmatically for the .NET Framework Process.Kill to operate
under? Or perhaps a way to give the compiled binary produced this
privilege? We may be willing to hard code a username credential in code in
order to help limit the broad scope assignment of privileges.

The need for this comes from what I believe to be a bug in EXCEL. We use
automation in ASP.NET code. We wind everything down, call the various
closes, and release all references, but we find the web server to be soon
littered with many orphaned EXCEL processes. One for each instance made
via automation.

We have developed an approach to see the new EXCEL process being created
at the very moment we instance EXCEL, and track the PID. When we have done
absolutely everything we can to release the workbook, and close EXCEL, and
it still has not gone away, then we kill the process. This has worked in
many contexts, but falls on its face in an ASP.NET webservice due to the
fact that it has insufficient privileges.

Thanks for your help. Best regards - Lee Gillie, Spokane WA

Nov 19 '05 #2

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

7 posts views Thread by Steve Long | last post: by
4 posts views Thread by Kris | last post: by
1 post views Thread by Shalini | last post: by
7 posts views Thread by Peter Bradley | last post: by

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.