373 | | |
374 | | == Design Decisions == |
375 | | |
376 | | * Why install as a service instead of a single user install? |
377 | | |
378 | | Service installs allow for the boinc core client to be isolated from any users files. Since the core client has the only available incoming TCP/IP connection it is at risk of being hacked, to mitigate information disclosure of sensitive user files such as MS Money or Quicken files the core client is executed with its own user account. |
379 | | |
380 | | By default non-administrative accounts cannot create globally named shared memory segments, therefore keyboard and mouse activity could not be monitored without setting up an account with that additional user right. |
381 | | |
382 | | * Launching worker and graphics applications as boinc_project. |
383 | | |
384 | | Isolate BOINC-based applications from BOINC and the rest of the system. |
385 | | |