INFO: Incorrect Configuration Can Orphan COM ServersLast reviewed: July 1, 1997Article ID: Q170915 |
The information in this article applies to:
SUMMARYIf the launch and access permissions of a secure COM server are configured incorrectly, a situation might arise where the COM server is launched, but it is never shut down. This happens when a client's user account is allowed launch permissions to the server but not access permissions. Because no valid client/server connection is ever established, the automatic garbage collection mechanism built into COM is not implemented in this case and the server may be left running forever.
MORE INFORMATIONConsider the case where a client's account is in the launch permissions list of a COM server, but it is missing from the access permissions list. If an authenticated COM session is to be established between the client and the server, COM needs to check both launch and access security. Since the client has launch permissions, COM launches the server. The server calls CoRegisterClassObject() to register its classes. COM then tries to call the server while impersonating the client. The call is never dispatched into the server code due to the initial security check failing. No interfaces are marshaled and an Access Denied error is returned to the client. Since no objects are created or properly marshaled, no garbage collection is subsequently performed. This may result in the COM server process being orphaned. The server process and associated COM class objects will be orphaned if:
Notice that the opposite is not true. That is, it is completely reasonable to have clients with access permissions (can call a running server) but no launch permissions (can't start a non-running server). Indeed, it is precisely for this scenario that COM separates the two ACLs.
REFERENCESFor additional information, please see the following article(s) in the Microsoft Knowledge Base:
ARTICLE-ID: Q158508 TITLE : INFO: COM Security Frequently Asked Questions ARTICLE-ID: Q169321 TITLE : INFO: COM Servers Activation and NT Windows Stations |
Keywords : BseRegistry BseSecurity LeTwoCom LeTwoDCom
© 1998 Microsoft Corporation. All rights reserved. Terms of Use. |