Solved

Security regarding IUSR_ASP & IWAM_ASP on IIS 6.0

Posted on 2007-12-06
3
675 Views
Last Modified: 2008-03-06
Friends,
             Will there be any security risk for my system after i allow FULL ACCESS to IUSR_ASP & IWAM_ASP IIS accounts on websites that i host from Windows 2003 Enterprise Edition ? If yes, then what do i need to take into consideration ? waiting for your reply. Thank you


Beginner
http://healthtreatments.blogspot.com
0
Comment
Question by:umnict
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 11

Accepted Solution

by:
saleek earned 125 total points
ID: 20418313
Hi there,

Firstly, Why would you want to give the entire website full access?
Do you mean the root folder or a subfolder?
Assigning full access to this account for specific subfolders is not a problem and you are safe to do so providing they are a logical layer of your app and do not contain executable scripts etc.

For example, giving full permission to the account on a subfolder where images/pdfs are created and stored is perfectly safe.

Giving full permission to the account on subfolders/root folders where there are scripts etc is not recommended as far as I am aware.

Saying this, the general consensus would be that there is no security risk unless some hostile
person can somehow take control of your ASP.Net app.

The following link can give you some details on what permissions the aspnet account has by default: http://support.microsoft.com/kb/317012

Hope that helps.

regards,

KS


0
 
LVL 1

Expert Comment

by:Vee_Mod
ID: 20491688
No Response to Expert.
Force closed.
Vee_Mod
Community Support Moderator
0

Featured Post

Will your db performance match your db growth?

In Percona’s white paper “Performance at Scale: Keeping Your Database on Its Toes,” we take a high-level approach to what you need to think about when planning for database scalability.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Running classic asp applications under Windows Server 2008 R2 (x64) and IIS 7 is not as easy as one may think. It took me a while to figure it out while getting error 8002801d a few times. After you install the OS you will need to install the fol…
When it comes to showing a 404 error page to your visitors, you do not want that generic page to show, and you especially do not want your hosting provider’s ad error page to show either. In this article, I will show you how to enable the custom 40…
Do you want to know how to make a graph with Microsoft Access? First, create a query with the data for the chart. Then make a blank form and add a chart control. This video also shows how to change what data is displayed on the graph as well as form…
Visualize your data even better in Access queries. Given a date and a value, this lesson shows how to compare that value with the previous value, calculate the difference, and display a circle if the value is the same, an up triangle if it increased…

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question