Two wishes: run as system undex Win, disable remote_gui

wijata.com
wijata.com
Joined: 11 Feb 05
Posts: 113
Credit: 25,495,895
RAC: 0
Topic 188053

First, I'd like the boinc to run as 'local system' under WinNT/2K/XP. The service is installing and running as specified user. However I have the situation, where user passwords are changed quite often. It would by nice if I can install boinc as 'local system'.
Or maybe it would work if I just go to the services and change the logon from 'user' to 'local system' ??

And second (i noticed it only under linux). There is switch -allow_remote_gui_rpc. I don't use it. But even that I don't use it, boinc still binds a network port and listen.
Could You add new switch, which would disable it. Or becouse there is already switch -allow..., maybe boinc shouldn't listen on network unless the switch is used.

John McLeod VII
John McLeod VII
Moderator
Joined: 10 Nov 04
Posts: 547
Credit: 632,255
RAC: 0

Two wishes: run as system undex Win, disable remote_gui

> First, I'd like the boinc to run as 'local system' under WinNT/2K/XP. The
> service is installing and running as specified user. However I have the
> situation, where user passwords are changed quite often. It would by nice if I
> can install boinc as 'local system'.
> Or maybe it would work if I just go to the services and change the logon from
> 'user' to 'local system' ??

Yes, this works. I do it myself on three of my machines (the other effect is that the screen saver works in this mode as well if you allow interaction with the desktop).
>
> And second (i noticed it only under linux). There is switch
> -allow_remote_gui_rpc. I don't use it. But even that I don't use it, boinc
> still binds a network port and listen.
> Could You add new switch, which would disable it. Or becouse there is already
> switch -allow..., maybe boinc shouldn't listen on network unless the switch is
> used.
>
The local GUI uses the same port.

wijata.com
wijata.com
Joined: 11 Feb 05
Posts: 113
Credit: 25,495,895
RAC: 0

Ad 1) Indeed it works ! Well,

Ad 1)
Indeed it works !
Well, I still think, that there should be an option during installation, to instal the service to run as a 'local system'.

Ad 2)
As the Linux is more 'multiuser' than windows I still would like to have a way disable boinc listening on network port.
That's becouse I don't line the idea that another user can connect to boinc ans spy it and manage it!
And moreover, if he find some weakness (as it's open source), he could run a shell with my privileges!

Seti-Cruncher
Seti-Cruncher
Joined: 9 Feb 05
Posts: 70
Credit: 7,114
RAC: 0

> As the Linux is more

Message 5624 in response to message 5623

> As the Linux is more 'multiuser' than windows I still would like to have a way
> disable boinc listening on network port.
> That's becouse I don't line the idea that another user can connect to boinc
> ans spy it and manage it!
> And moreover, if he find some weakness (as it's open source), he could run a
> shell with my privileges!

If you use the remote_hosts.cfg file approach instead of the command line option, only machines listed in that file will be able to connect.

Be lucky,

Neil

wijata.com
wijata.com
Joined: 11 Feb 05
Posts: 113
Credit: 25,495,895
RAC: 0

Whatever remote_hosts.cfg is

Whatever remote_hosts.cfg is - haven't seen it.
But, even if I put there 127.0.0.1, other users logged into system will be able to connect, spy and manage boinc running by me (or maybe even exploit).
I checked it - there's no authorization in the protocol between GUI and client.

John McLeod VII
John McLeod VII
Moderator
Joined: 10 Nov 04
Posts: 547
Credit: 632,255
RAC: 0

> Whatever remote_hosts.cfg

Message 5626 in response to message 5625

> Whatever remote_hosts.cfg is - haven't seen it.
> But, even if I put there 127.0.0.1, other users logged into system will be
> able to connect, spy and manage boinc running by me (or maybe even exploit).
> I checked it - there's no authorization in the protocol between GUI and
> client.
>
If you no not put remote_hosts.cfg or add -allow_remote_hosts, all connections EXCEPT 127.0.0.1 will be refused. If you place remote_hosts.cfg in your BOINC directory, you can determine by DHCP hame or IP number who gets to connect. Everything else will just be refused.

Spacetime
Spacetime
Joined: 11 Feb 05
Posts: 13
Credit: 6,368,281
RAC: 0

How do you run BOINC client

How do you run BOINC client (4.24) as a service under WinXP?
Where do you get the "boinc_cli.exe" executable needed for service?
There is no such file in the BOINC install folder or am I missing something?


Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.