Wrox Programmer Forums

Need to download code?

View our list of code downloads.

Go Back   Wrox Programmer Forums > ASP.NET and ASP > ASP.NET 2.0 > ASP.NET 2.0 Professional
Password Reminder
Register
| FAQ | Members List | Search | Today's Posts | Mark Forums Read
ASP.NET 2.0 Professional If you are an experienced ASP.NET programmer, this is the forum for your 2.0 questions. Please also see the Visual Web Developer 2005 forum.
Welcome to the p2p.wrox.com Forums.

You are currently viewing the ASP.NET 2.0 Professional section of the Wrox Programmer to Programmer discussions. This is a community of software programmers and website developers including Wrox book authors and readers. New member registration was closed in 2019. New posts were shut off and the site was archived into this static format as of October 1, 2020. If you require technical support for a Wrox book please contact http://hub.wiley.com
DRM-free e-books 300x50
 
 
Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old August 28th, 2009, 03:01 PM
Authorized User
 
Join Date: Nov 2005
Location: , , .
Posts: 51
Thanks: 0
Thanked 0 Times in 0 Posts
Default Encrypting web.config

Every example of encrypting web.config sections uses some built in ASP.NET objects with a provider string, such as this example shows: http://davidhayden.com/blog/dave/arc...1/17/2572.aspx

My question is: if a malicious person managed to gain access to the server's file system, what would prevent that person from uploading their own .aspx page with the same code to unprotect sections in web.config?

Last edited by fizzerchris; August 28th, 2009 at 03:03 PM..
  #2 (permalink)  
Old September 15th, 2009, 03:17 PM
Authorized User
 
Join Date: Nov 2005
Location: , , .
Posts: 51
Thanks: 0
Thanked 0 Times in 0 Posts
Default I guess no responses means

...nothing will prevent it.
  #3 (permalink)  
Old September 15th, 2009, 11:54 PM
Friend of Wrox
Points: 1,749, Level: 16
Points: 1,749, Level: 16 Points: 1,749, Level: 16 Points: 1,749, Level: 16
Activity: 0%
Activity: 0% Activity: 0% Activity: 0%
 
Join Date: Jun 2007
Location: San Diego, CA, USA.
Posts: 477
Thanks: 10
Thanked 19 Times in 18 Posts
Default

Quote:
Originally Posted by fizzerchris View Post
...nothing will prevent it.
Or conversely that we don't have any security experts handy. Real security gurus are hard to come by.
__________________
-------------------------

Whatever you can do or dream you can, begin it. Boldness has genius, power and magic in it. Begin it now.
-Johann von Goethe

When Two Hearts Race... Both Win.
-Dove Chocolate Wrapper

Chroniclemaster1, Founder of www.EarthChronicle.com
A Growing History of our Planet, by our Planet, for our Planet.
 


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Fix for Web.config Error in ...\Chapter01\LINQforBinding Web Sites rogerj BOOK: Professional ADO.NET 3.5 with LINQ and the Entity Framework ISBN: 978-0-470-22988-0 0 February 18th, 2009 01:59 PM
Encrypting config vikingsunil ASP.NET 2.0 Professional 1 August 28th, 2008 10:53 PM
web.config vs. app.config darlo Visual Studio 2005 11 August 20th, 2008 07:23 AM
Encrypting Web.Config wirerider ASP.NET 2.0 Professional 1 March 4th, 2007 11:15 PM
Web Config C# akshay144 VS.NET 2002/2003 0 November 10th, 2006 10:21 AM



All times are GMT -4. The time now is 08:46 AM.


Powered by vBulletin®
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
© 2013 John Wiley & Sons, Inc.