Possible to assign NTFS/registry permissions to a service-specific SID other
than running that service as a user account or as Local System? I know that
that SID is assigned dynamically at start-up, and that there is a 1:1
mapping from service name to that SID, but it appears you can just assign
NTFS/registry permissions to the service name.
I've seen http://www.microsoft.com/technet/win...cfeat.mspx#EHF
and the PPT slides from the PDC conference, but no mention of how to change
permissions with SC.EXE for a service (to change user rights, yes, but not