Wrox Programmer Forums
|
ASP.NET 2.0 Professional If you are an experienced ASP.NET programmer, this is the forum for your 2.0 questions. Please also see the Visual Web Developer 2005 forum.
Welcome to the p2p.wrox.com Forums.

You are currently viewing the ASP.NET 2.0 Professional section of the Wrox Programmer to Programmer discussions. This is a community of software programmers and website developers including Wrox book authors and readers. New member registration was closed in 2019. New posts were shut off and the site was archived into this static format as of October 1, 2020. If you require technical support for a Wrox book please contact http://hub.wiley.com
 
Old August 28th, 2009, 03:01 PM
Authorized User
  
Join Date: Nov 2005
Posts: 51
Thanks: 0
Thanked 0 Times in 0 Posts
Default Encrypting web.config
Every example of encrypting web.config sections uses some built in ASP.NET objects with a provider string, such as this example shows: http://davidhayden.com/blog/dave/arc...1/17/2572.aspx

My question is: if a malicious person managed to gain access to the server's file system, what would prevent that person from uploading their own .aspx page with the same code to unprotect sections in web.config?
Last edited by fizzerchris; August 28th, 2009 at 03:03 PM..
 
Old September 15th, 2009, 03:17 PM
Authorized User
  
Join Date: Nov 2005
Posts: 51
Thanks: 0
Thanked 0 Times in 0 Posts
Default I guess no responses means
...nothing will prevent it.
 
Old September 15th, 2009, 11:54 PM
Friend of Wrox
  
Join Date: Jun 2007
Posts: 477
Thanks: 10
Thanked 19 Times in 18 Posts
Default
Quote:
Originally Posted by fizzerchris View Post
...nothing will prevent it.
Or conversely that we don't have any security experts handy. Real security gurus are hard to come by.
__________________
-------------------------

Whatever you can do or dream you can, begin it. Boldness has genius, power and magic in it. Begin it now.
-Johann von Goethe

When Two Hearts Race... Both Win.
-Dove Chocolate Wrapper

Chroniclemaster1, Founder of www.EarthChronicle.com
A Growing History of our Planet, by our Planet, for our Planet.





Similar Threads
Thread Thread Starter Forum Replies Last Post
Fix for Web.config Error in ...\Chapter01\LINQforBinding Web Sites rogerj BOOK: Professional ADO.NET 3.5 with LINQ and the Entity Framework ISBN: 978-0-470-22988-0 0 February 18th, 2009 01:59 PM
Encrypting config vikingsunil ASP.NET 2.0 Professional 1 August 28th, 2008 10:53 PM
web.config vs. app.config darlo Visual Studio 2005 11 August 20th, 2008 07:23 AM
Encrypting Web.Config wirerider ASP.NET 2.0 Professional 1 March 4th, 2007 11:15 PM
Web Config C# akshay144 VS.NET 2002/2003 0 November 10th, 2006 10:21 AM




Contact Us - Wrox - Privacy Statement - Top

Powered by vBulletin®
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
Copyright (c) 2020 John Wiley & Sons, Inc.