IIS5: Per Site User Account

 
claco

(Msg. 1) Posted: Mon Oct 13, 2003 8:01 pm
Post subject: IIS5: Per Site User Account
Archived from groups: microsoft>public>inetserver>iis

Is there any benefit for the overly paranoid to have each separate IIS
website on a server run as a different user [account]?

This would mean that the Anonymous Access account is set to a site-specific
user and the COM+ package is set to run as that site-specific user
(assuming the site is set to run Isolated)?

File-permissions-wise, this makes ensuring each site has only what
permissions it needs a little easier. Assuming someone gets the site
process to do evil things due to the latest and greatest security hole
or misconfiguration, or stupid code tricks, will having each site
running as a distinct user help prevent damage to other sites, since
other sites won't have read access permitted for the current site's user?

Thanks,
-=Chris

someone9

(Msg. 2) Posted: Tue Oct 14, 2003 4:11 am
Post subject: Re: Per Site User Account

That is the right idea... except that IIS5 runs as Local System, so if it
got exploited, Local System is able to bypass all your security.

This is not the case with IIS6, which runs as a low-privileged account by
default, and even if it gets exploited, the damage potential is small,
depending on your configuration.

--
//David
IIS
This posting is provided "AS IS" with no warranties, and confers no rights.
//

claco

(Msg. 3) Posted: Thu Oct 16, 2003 2:07 pm
Post subject: Re: Per Site User Account

David Wang [Msft] wrote:

 > That is the right idea... except that IIS5 runs as Local System, so if it
 > got exploited, Local System is able to bypass all your security.
 >
 > This is not the case with IIS6, which runs as a low-privileged account by
 > default, and even if it gets exploited, the damage potential is small,
 > depending on your configuration.
 >

I guess I knew that the server ran as LocalSystem, but I've always been
unclear as to what the path of a request is when the site requested is
running isolated under a COM+ package as a specific user, and the
anonymous requests as a specific user.

If the request goes straight to the service, then it's pointless.
If the request goes straight to the isolated process running as the COM+
server package user, then it may not be so bad.

someone9

(Msg. 4) Posted: Fri Oct 17, 2003 2:11 pm
Post subject: Re: Per Site User Account

Prior to IIS6, all requests first go into inetinfo.exe (running as
LocalSystem), and then if it is medium/high isolation, routed to
dllhost.exe.

--
//David
IIS
This posting is provided "AS IS" with no warranties, and confers no rights.
//

claco

(Msg. 5) Posted: Mon Oct 20, 2003 11:41 am
Post subject: Re: Per Site User Account

David Wang [Msft] wrote:
 > Prior to IIS6, all requests first go into inetinfo.exe (running as
 > LocalSystem), and then if it is medium/high isolation, routed to
 > dllhost.exe.
 >
Sounds like a good excuse to push an IIS6/W2K3 Upgrade. :)

someone9

(Msg. 6) Posted: Mon Oct 20, 2003 9:45 pm
Post subject: Re: Per Site User Account

Well... IIS6 was re-architected to address many of the fundamental flaws
within the previous IIS codebase. The issue of isolation is but one of the
many things that IIS6 does better. Our hope is that a better SW design and
better features to solve real problems are compelling reasons to drive
usage/upgrade.

--
//David
IIS
This posting is provided "AS IS" with no warranties, and confers no rights.
//

qbernard

(Msg. 7) Posted: Thu Oct 23, 2003 12:52 am
Post subject: Re: Per Site User Account

Indeed a good design for W3svc.
But it would be perfect if similar focus were put into
other services, e.g. msftpsvc, smtpsvc, and nntpsvc.

--
Regards,
Bernard Cheah
http://support.microsoft.com/
Please respond to newsgroups only ...
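
Added example (not part of the original thread, and not Microsoft's code): a Python audit of the per-site account layout discussed above. It flags sites whose code runs in-process as LocalSystem, sites that share an account, and content roots readable by another site's account. The inventory, site names, account names and finding labels are constructed for illustration; the isolation values follow the IIS 5 AppIsolated setting. It cannot account for inetinfo.exe itself, which, as noted in the thread, sees every request before IIS6.

```python
from collections import defaultdict

# IIS 5 AppIsolated values: 0 = Low (in-process), 1 = High (isolated), 2 = Medium (pooled)
LOW, HIGH, POOLED = 0, 1, 2

# Constructed inventory: site names, accounts and ACLs are hypothetical.
# "readers" is the set of accounts granted read access on the site's content root.
SITES = [
    {"name": "shop", "anon": "IUSR_shop", "isolation": HIGH,
     "package_user": "IWAM_shop", "readers": {"IUSR_shop", "IWAM_shop"}},
    {"name": "blog", "anon": "IUSR_blog", "isolation": HIGH,
     "package_user": "IWAM_blog", "readers": {"IUSR_blog", "IWAM_blog", "IUSR_shop"}},
    {"name": "wiki", "anon": "IUSR_wiki", "isolation": POOLED,
     "package_user": "IWAM_WEB01", "readers": {"IUSR_wiki", "IWAM_WEB01"}},
    {"name": "news", "anon": "IUSR_news", "isolation": POOLED,
     "package_user": "IWAM_WEB01", "readers": {"IUSR_news", "IWAM_WEB01"}},
    {"name": "intra", "anon": "IUSR_intra", "isolation": LOW,
     "package_user": None, "readers": {"IUSR_intra"}},
]

def process_identity(site):
    """Account the site's process runs as (ignoring per-request impersonation)."""
    if site["isolation"] == LOW:
        return "LocalSystem"          # hosted inside inetinfo.exe
    return site["package_user"]       # dllhost.exe under the COM+ package identity

def audit(sites):
    """Return sorted (site, finding, account) tuples for isolation gaps."""
    owners = defaultdict(set)         # account -> sites that run as it
    for s in sites:
        owners[s["anon"]].add(s["name"])
        owners[process_identity(s)].add(s["name"])
    findings = set()
    for s in sites:
        ident = process_identity(s)
        if ident == "LocalSystem":
            findings.add((s["name"], "RUNS_AS_LOCALSYSTEM", ident))
        for acct in (s["anon"], ident):
            if acct != "LocalSystem" and len(owners[acct]) > 1:
                findings.add((s["name"], "SHARED_ACCOUNT", acct))
        for acct in s["readers"] - {s["anon"], ident}:
            if owners.get(acct):      # another site's account can read this root
                findings.add((s["name"], "FOREIGN_READ", acct))
    return sorted(findings)

if __name__ == "__main__":
    for finding in audit(SITES):
        print(*finding, sep="\t")
```

Pooled (Medium) sites show up as sharing an account because they all run in one dllhost.exe under the same identity; only High isolation gives a site its own COM+ package identity.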


