Ask a Question related to ASP.NET Security, Design and Development.

  1. Karl Mikesell #1

    Default Why everyone?

    When setting up ASP.NET directories on web server (physical), why is the
    "everyone" group read permission required where a web.config files exists
    (.aspx or .asmx)

    Why not just IUSR_*

    I try to eliminate everyone from everything; but I cannot with ASP.NET, how
    to audit ASP.NET object access?

    Need to know who.



    Karl Mikesell Guest
    Reply With Quote Reply With Quote
  2. Karl Mikesell #2

    Default Re: Why everyone?

    Thank you for the help

    Removed everyone, added IIS_WPG and everything is working.

    Karl

    "Michal A. Valasek" <news@altaircom.net> wrote in message
    news:uONIcxOWDHA.2476@tk2msftngp13.phx.gbl...
    > | When setting up ASP.NET directories on web server (physical), why is the
    > | "everyone" group read permission required where a web.config files
    exists
    > | (.aspx or .asmx)
    >
    > Is not required. Only the worker processes need to access this file. On
    > W2003 it's by default the IIS_WPG group.
    >
    > --
    > Michal A. Valasek, Altair Communications, [url]http://www.altaircom.net[/url]
    > Please do not reply to this e-mail, for contact see [url]http://www.rider.cz[/url]
    >
    >

    Karl Mikesell Guest
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may post replies
  • You may not post attachments
  • You may not edit your posts

Forum Rules


1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139