Bytes | Software Development & Data Engineering Community

Having ASPNET member of Administrators

Are there any security issues having the ASPNET user account member of
Administrators ? Is it a good practice ?
Nov 19 '05 #1
If you own the server, and you're not running anyone else's ASP.Net apps
with it, sure, it won't hurt.

--
HTH,

Kevin Spencer
Microsoft MVP
.Net Developer
Neither a follower nor a lender be.

Nov 19 '05 #2
Hello Kevin,

So much for the principle of least privilege...

Jeff: What problems are you encountering that you feel that this is necessary?

--
Matt Berther
http://www.mattberther.com
Nov 19 '05 #3
WJ
ASPNet account is a default account, similar to Anonymous account, that
IIS-5 uses when a particular web site is configured as "anonymous". The
default state is very "least privilege". With Admin membership, it is too
high and risky. I would take Admin privilege away from ASPNET.

John
Nov 19 '05 #4
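John's point is that the question is really "what token does the worker process hold?", and that is something you can read off the live process instead of remembering how the box was configured. The following is an added example, not code from anyone in this thread: a startup check for an ASP.NET 1.x application that reports the process identity and, optionally, refuses to start if that identity is an Administrator or LocalSystem. `ProcessIdentityCheck`, the `Global.asax.cs` placement and the `refuseElevatedIdentity` appSettings key are all names assumed for the example.

```csharp
using System;
using System.Security.Principal;
using System.Web;

// Added example, not code from the thread. Summarises the identity the ASP.NET
// worker process actually runs under so that "is ASPNET an Administrator?" is
// answered from the live token rather than from memory of how the box was set up.
// Assumes the default <identity impersonate="false" />; with impersonation on,
// GetCurrent() inside a request returns the impersonated caller instead.
public sealed class ProcessIdentityCheck
{
    private ProcessIdentityCheck() { }

    // True when the current process token carries the local Administrators group.
    // On IIS 5 the process token is the <processModel userName="..."> account
    // (ASPNET by default), not the identity of the browser user.
    public static bool IsAdministrator()
    {
        WindowsIdentity id = WindowsIdentity.GetCurrent();
        WindowsPrincipal p = new WindowsPrincipal(id);
        return p.IsInRole(WindowsBuiltInRole.Administrator);
    }

    // True when the process runs as LocalSystem (userName="SYSTEM" in machine.config).
    public static bool IsLocalSystem()
    {
        return WindowsIdentity.GetCurrent().IsSystem;
    }

    // One line an operator can read: account name plus the two high-privilege flags.
    public static string Describe()
    {
        WindowsIdentity id = WindowsIdentity.GetCurrent();
        return String.Format("process identity={0} administrator={1} localsystem={2}",
            id.Name, IsAdministrator(), IsLocalSystem());
    }
}

// Hook it at application start (Global.asax.cs in the web project; assumed name).
public class Global : HttpApplication
{
    protected void Application_Start(object sender, EventArgs e)
    {
        string summary = ProcessIdentityCheck.Describe();
        Application["ProcessIdentity"] = summary;   // readable from a diagnostics page

        // Fail closed in production: refuse to serve if the worker is an admin or
        // LocalSystem. Governed by a hypothetical appSettings key "refuseElevatedIdentity".
        string refuse =
            System.Configuration.ConfigurationSettings.AppSettings["refuseElevatedIdentity"];
        if (refuse == "true" &&
            (ProcessIdentityCheck.IsAdministrator() || ProcessIdentityCheck.IsLocalSystem()))
        {
            throw new InvalidOperationException(
                "Refusing to start with an elevated process identity: " + summary);
        }
    }
}
```

Leave the key unset (or "false") in development, where the thread's posters admit they tolerate the admin membership, and set it to "true" in the production web.config so that a server that was built the wrong way announces itself on first hit instead of quietly running every request with administrative rights.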
> So much for the principle of least privilege...

The principle of least privilege. Where did you find that?

I believe in principles. In general, where security is the issue, the
principle is, use the security that you need. For example, my company owns
their own servers and doesn't host. We run ASP.Net under the System account.
Now, if you have a problem with that, you might want to rethink whether
almost all of your local machine applications should run under the System
account (they do).

Microsoft ships all of their software locked down to prevent support calls
and complaints from security issues. In other words, if you open it, you're
responsible for it. That doesn't mean that on every computer every security
setting should be locked down tight. Nothing would run. It means that
security should be configured with full knowledge of the issues involved.

If it were always a bad idea to run ASP.Net under the System account,
Microsoft wouldn't have bothered to make that option available. Making the
ASP.Net account a Network Admin has much the same effect. I agree, he's
painting with a broad brush, but the objective is to prevent spills, not to
paint with the smallest brush possible.

--
HTH,

Kevin Spencer
Microsoft MVP
.Net Developer
Neither a follower nor a lender be.

Nov 19 '05 #5
Here's the short story: I'm a consultant, and in my current contract I've
seen a server having ASPNET as an Administrator. I felt it was risky but did
not know exactly why. Investigation led me to learn that the reason for this is
that some exception handling mechanism has to write to the Event Log, and
the first time it does, it has to write a key in the registry, thus it has
to have admin rights (well, in fact I think the key should be created using an
installation program or by hand, not the first time the app crashes). So in
our development environment here we did not bother removing the ASPNET
account from Administrators. But in the final production environment I just
wanted to know what security issues could be involved in being set up this
way. So basically my question was: "In saying that having the ASPNET
account member of Administrators might be risky, can someone define the word
'risky' in this context? What evil can happen?"

Nov 19 '05 #6
Hello Kevin,
The principle of least privilege. Where did you find that?
http://c2.com/cgi/wiki?PrincipleOfLeastPrivilege
If it were always a bad idea to run ASP.Net under the System account,
Microsoft wouldn't have bothered to make that option available. Making
the ASP.Net account a Network Admin has much the same effect. I agree,
he's painting with a broad brush, but the objective is to prevent
spills, not to paint with the smallest brush possible.


I agree, to a point. Typically people try to cover up the root problem by
throwing more permissions at it. I wrote a post about this early last year
(http://www.mattberther.com/2004/04/000463.html).

--
Matt Berther
http://www.mattberther.com

Nov 19 '05 #7
Hi Matt,

First, let me point out that the article referenced was written by 2
consultants, who run their own business. IOW, it is not authoritative.

That being said, I found the article to be pretty solid. Still, the term is
their own, not anything standard.

I copied this from the page you referenced:

"But keep in mind that POLA is a principle of security design, not a hard
and fast rule that must be adhered to at all times, no matter what the cost.
If you don't understand what that means then see ThreeLevelsOfAudience,
because POLA is for a level 2 audience."

IOW, to quote another brilliant programming philosopher:

"...he's painting with a broad brush, but the objective is to prevent
spills, not to paint with the smallest brush possible."

--
;-),

Kevin Spencer
Microsoft MVP
.Net Developer
Neither a follower nor a lender be.

Nov 19 '05 #8
Hello Jeff,

I would tend to agree with Kevin, but will also stand by my point of fixing
this problem by moving the logic of creating the EventLog to an installer
(as you are thinking). The root cause of this problem can be solved without
granting elevated privileges to the ASPNET account.

--
Matt Berther
http://www.mattberther.com
Nov 19 '05 #9
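Jeff's post #6 describes the mechanism (the first write to a new event source creates a registry key under the Eventlog service, which needs administrative rights) and Matt's post #9 states the fix (do that registration in an installer). The following is an added example, not code from either of them or from the thread: an installer class that registers the source once, run by an administrator with `installutil.exe`, and a runtime logger that only ever writes and never tries to create the source itself. `EventSourceInstaller`, `AppEventLog` and the source name "MyWebApp" are names assumed for the example.

```csharp
using System;
using System.ComponentModel;
using System.Configuration.Install;
using System.Diagnostics;
using System.Security;

// Added example, not code from the thread. Registers the event source once, at
// install time, under an administrative account, so the web application itself
// never needs the registry write that drove the ASPNET-in-Administrators "fix".
//
// Install:   installutil.exe MyWebApp.dll      (from an administrator's prompt)
// Uninstall: installutil.exe /u MyWebApp.dll
[RunInstaller(true)]
public class EventSourceInstaller : Installer
{
    // "MyWebApp" is a placeholder; use the application's own source name.
    public const string SourceName = "MyWebApp";
    public const string LogName = "Application";

    public EventSourceInstaller()
    {
        // EventLogInstaller creates (and on uninstall removes) the source's
        // registry key; this is the only step that needs administrative rights.
        EventLogInstaller eli = new EventLogInstaller();
        eli.Source = SourceName;
        eli.Log = LogName;
        Installers.Add(eli);
    }
}

// Runtime side: writes only. If the source is missing, that is a deployment
// error to surface, not something the worker process should repair with rights
// it is not supposed to hold.
public sealed class AppEventLog
{
    private AppEventLog() { }

    public static void WriteError(string message)
    {
        try
        {
            // EventLog.WriteEntry(source, ...) silently creates a missing source,
            // which is exactly the registry write we are avoiding, so check first.
            if (!EventLog.SourceExists(EventSourceInstaller.SourceName))
            {
                throw new InvalidOperationException(
                    "Event source '" + EventSourceInstaller.SourceName +
                    "' is not registered. Run installutil.exe as an administrator.");
            }
            EventLog.WriteEntry(EventSourceInstaller.SourceName, message,
                EventLogEntryType.Error);
        }
        catch (SecurityException ex)
        {
            // SourceExists searches every log's registry key, including Security,
            // which a non-administrator may not be permitted to read. Treat that
            // the same way as "not registered" rather than escalating rights.
            throw new InvalidOperationException(
                "Cannot verify the event source; register it with the installer.", ex);
        }
    }
}
```

Compile the installer class into an assembly that ships with the application and run `installutil.exe` on it as part of deployment. Once the source exists, writing entries to it from the ASPNET account needs no registry access, so the account can be taken back out of Administrators, which is what Jeff's production environment wanted in the first place.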
"Kevin Spencer" <ke***@DIESPAMM ERSDIEtakempis. com> confessed in news:
#Z************* *@tk2msftngp13. phx.gbl:
Just to butt in...

Microsoft has been preaching the principle of least privilege for at least 3
years (that was the last time I visited Redmond and attended some of their
.NET classes), and probably for longer than that.

-- ipgrunt
Nov 19 '05 #10


