Wrox Programmer Forums
|
ASP.NET 1.1 As of 10/6/2005, this forum is locked as part of the reorganization described here: http://p2p.wrox.com/topic.asp?TOPIC_ID=35394. No posts have been deleted. Open ongoing discussions from the last week have been moved to either ASP.NET 1.0 and 1.1 Beginners http://p2p.wrox.com/asp-net-1-0-1-1-basics-60/ or ASP.NET 1.0 and 1.1 Professional. http://p2p.wrox.com/forum.asp?FORUM_ID=50. See my sticky post inside for more.
Welcome to the p2p.wrox.com Forums.

You are currently viewing the ASP.NET 1.1 section of the Wrox Programmer to Programmer discussions. This is a community of software programmers and website developers including Wrox book authors and readers. New member registration was closed in 2019. New posts were shut off and the site was archived into this static format as of October 1, 2020. If you require technical support for a Wrox book please contact http://hub.wiley.com
Page 2 of 2 1 2
 
Old March 6th, 2004, 04:42 AM
Imar's Avatar
Wrox Author
  
Join Date: Jun 2003
Posts: 17,089
Thanks: 80
Thanked 1,576 Times in 1,552 Posts
Default
Hi Morris,

Useful as your solution sounds, it's not very recommended because it means decreased security. Your solution is like giving everyone in your domain Administrator privileges, because "it's such an hassle to set up the individual rights" (I have really heard this once).

The System account is, as it name implies, a high-privileged account. This means it can do as much as everything it wants on your local machine. This also means Web sites running under this account can do what they want. This is a problem when you're not the only one developing; other developers can create code that can read, write, delete, etc any file they see fit.
Also, when your ASP.NET box is ever hacked, the hacker will be able to run code as the system account.

So, IMHO, it's better to use a lower privileged account. The ASPNET or Network Service accounts are created for just thus purpose. Instead of making ASP.NET run as a System account, you should use this lower privileged account, and tweak and tune the rights on our server. It's not as quick as making everyone Administrator, but in the long run it's much more secure.

Cheers,

Imar


---------------------------------------
Imar Spaanjaars
Everyone is unique, except for me.
Page 2 of 2 1 2





Similar Threads
Thread Thread Starter Forum Replies Last Post
impersonation through web.config and runtime xile ASP.NET 1.0 and 1.1 Professional 0 November 20th, 2008 12:09 PM
impersonation for asp app xile Classic ASP Basics 1 November 11th, 2008 08:56 AM
Problem with impersonation.. joseph20 .NET Framework 2.0 0 July 23rd, 2008 09:07 AM
Impersonation mike_remember ASP.NET 1.0 and 1.1 Professional 1 March 5th, 2007 09:10 AM




Contact Us - Wrox - Privacy Statement - Top

Powered by vBulletin®
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
Copyright (c) 2020 John Wiley & Sons, Inc.