Hi,
This is a proper home for the discussion which has started in the threads “SyncTrayzor: Windows host for Syncthing. Installer, auto-start, built-in browser, tray icon, folder watcher, and more” and “Syncthing Windows Installer”.
The discussion revolves around determining the best approach to starting Syncthing automatically on Windows. The options can be boiled down to “as one service per user”, “as one service for all users”, or “start on login”. A brief summary of my take on the pros and cons is below: I’ll update this as the discussion progresses.
Please leave a comment if you have a preferred approach, if you disagree with anything in this summary, or if you have anything else to add. The ultimate goal is to figure out what could be the best approach - or combination of approaches - to recommend to new Windows users of Syncthing.
One service for all users
Pros
- Syncthing starts before a user logs in, allowing file synchronization to start earlier.
Cons
- All users (and malware running as those users) will be able to access everything which the Syncthing service’s user can access.
- This means that running as LocalAdmin creates a vertical privilege escalation attack vector, allowing system files / Program Files to be changed, bypassing UAC.
- All users have to use the same Syncthing configuration.
One service per user
Pros
- Syncthing starts before a user logs in, allowing file synchronization to start earlier.
- User B’s files can sync while user A is logged in.
Cons
- We need to ensure that each Syncthing instance is started on a separate port.
- Potentially confusing to set up and maintain properly. People are used to seeing one service per program, not one per user. There’s a very large “what the hell” moment if you look at your services list and see “Syncthing (User A)”, “Syncthing (User B)”, etc.
Start on Login
Pros
- Syncthing automatically runs per-user with the user’s permissions - no security holes. This is the way Syncthing is intended to be used (in my understanding), since it stores its config and database in %LOCALAPPDATA%.
- Different users can use or not use Syncthing as desired.
- If user A’s Syncthing config causes frequent CPU-intensive scanning, user B won’t be affected.
Cons
- No syncing is done before login.
- User B’s files aren’t synced while user A is logged in.
@jaredthirsk @Rewt0r @AudriusButkevicius you were involved in previous discussions.
Thanks!