Microsoft® Windows® 2000 Security Handbook

Service Security Considerations for Programmers

Now that we've gone through some background, let's dig into the security issues around writing good services. The suggestions that follow outline some of the common coding mistakes that can lead to unstable and possibly insecure services. The items that follow are unique to services; I discuss general secure coding guidelines later.

Accepting Messages

The SCM can send five different control messages to a service:

SERVICE_CONTROL_STOP
SERVICE_CONTROL_PAUSE
SERVICE_CONTROL_CONTINUE
SERVICE_CONTROL_SHUTDOWN
SERVICE_CONTROL_INTERROGATE

The only message that all services are required to accept is SERVICE_CONTROL_INTERROGATE. By setting the dwControlsAccepted value that is passed through the SERVICE_STATUS ...

Get Microsoft® Windows® 2000 Security Handbook now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Microsoft® Windows® 2000 Security Handbook by Jeff Schmidt

Service Security Considerations for Programmers

Accepting Messages

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly