Alternative to "Allow service to interact with desktop"?

c# windows-services exe
jdecuyper picture jdecuyper · Feb 27, 2010 · Viewed 31.2k times · Source

I have a windows service (C#) installed on a server that launches every 10 minutes an executable file (C#) to process some images from one directory to another. No interaction is required with any user. Nevertheless, since the executable file as an output window, to make the service run I have to enable the "Allow service to interact with desktop" checkbox which is considered as an insecure and bad practice. How would I go about this problem? I like to have the executable separated from my windows service because

  • it makes it easier to debug and doesn't require a full windows service redeploy.
  • sometimes I use the same windows service to launch several executable files at different intervals (but all related to the same project).

EDIT:

When the interaction with the desktop is not enabled, the console application does not get executed correctly and the following error appears inside the Windows Logs:

Faulting application myapp.exe, version 1.0.0.0, time stamp 0x4b8304c3, 
faulting module KERNEL32.dll, version 6.0.6002.18005, time stamp 0x49e03821, 
exception code 0xc0000142, fault offset 0x00009eed, process id 0x10ec, 
application start time 0x01cab736950a64b5.

Once the desktop interaction is enabled, application gets executed normally.

Any thoughts?

Thanks a lot for your time.

Answer

Aryabhatta picture Aryabhatta · Feb 27, 2010

If you are using Vista and later and you don't really need any interaction with the user, but have an interactive exe to execute, the Session 0 isolation feature should help alleviate some of the concerns about the 'bad practice' on having a service interact with the desktop (which in Session 0 has no physical console).

This Session 0 isolation would prevent unprivileged users from performing Shatter Attacks on your service as they get their interactive desktops in different sessions. Shatter attacks are the main reason why this 'interaction with desktop' was considered bad practice and if you are using Vista or later, it should be ok if you cannot avoid it (or will have to spend too much effort to do it).

So, if things are working fine as they are, you are probably ok.

Of course, after an OS update, things might just stop working, so it is probably better to prepare to move the dependency on interactivity out, as you don't really need it.

Related questions

Install a Windows service using a Windows command prompt?

I want to install a Windows service using a Windows command prompt (not the Visual Studio command prompt). How do I do this?

Read More
The type initializer for 'MyClass' threw an exception

The following is my Windows service code. When I am debugging the code, I am getting the error/ exception: The type initializer for 'CSMessageUtility.CSDetails' threw an exception. using System; using System.Collections.Generic; using System.ComponentModel; using System.Data; …

Read More
Error 5 : Access Denied when starting windows service

I'm getting this error when I try to start a windows service I've created in C#: My Code so far: private ServiceHost host = null; public RightAccessHost() { InitializeComponent(); } protected override void OnStart(string[] args) { host = new ServiceHost(typeof(RightAccessWcf)); host.Open(); } …

Read More