Prevent access to advapi32.dll RevertToSelf()

Hi All,

Sorry to crosspost but it's a security and an ASP.NET problem I have.

We run each website under its own I_<user> account and ASP.NET is
configured to impersonate so requests run under the identity of the
I_<user> account.

In Windows 2000 Server how do I prevent a user from calling
RevertToSelf() in advapi32.dll and unwinding the impersonation? e.g.

    [DllImport(@"C:\WINNT\system32\advapi32.dll")]
    public static extern bool RevertToSelf();

    void Page_Load(Object sender, EventArgs e) {
        // at this point the request is running under impersonation as I_<user>
        RevertToSelf();
        // afterwards it undoes the impersonation and the request is
        // now running as <MACHINE>\ASPNET
    }

I've looked into building a .NET security policy to do this but I'm a
bit stuck.

Thanks in advance.
Kevin

Nov 19 '05 #1
Sorry I should also have said Windows 2003 Server as well.

Kevin

Nov 19 '05 #2
In addition to what Dominick said, under 2003, I suggest running each app in
its own AppPool, setting the process identity to the identity you want to
use and disabling impersonation via web.config. Then, it is a non-issue.

Joe K.

<ke*********@zygonia.net> wrote in message
news:11*********************@g43g2000cwa.googlegroups.com...
Sorry I should also have said Windows 2003 Server as well.

Kevin

Nov 19 '05 #3
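
Joe K.'s suggestion as a configuration sketch, added here and not posted by anyone in the thread: the application pool identity itself is set in IIS Manager, and the machine-level .NET configuration turns impersonation off and locks the setting. The `<trust>` line is an extra assumption tied to the .NET security policy Kevin mentions, and the site name `Customer1Site` is a placeholder.

```xml
<!-- Added example, not from the thread. Machine-level .NET configuration
     (machine.config, or the root web.config where the framework version
     has one). "Customer1Site" is a placeholder IIS site name. -->
<configuration>
  <!-- allowOverride="false" stops the site's own web.config from
       changing anything inside this block. -->
  <location path="Customer1Site" allowOverride="false">
    <system.web>
      <!-- Was impersonate="true" on top of a shared worker-process
           account. With impersonation off, requests run as the
           application pool identity (set to I_<user> in IIS Manager),
           so there is no other account underneath for RevertToSelf()
           to fall back to. -->
      <identity impersonate="false" />

      <!-- Assumption beyond Joe K.'s reply: Medium trust does not grant
           the unmanaged-code permission, so the [DllImport] call in the
           question fails with a SecurityException. -->
      <trust level="Medium" originUrl="" />
    </system.web>
  </location>
</configuration>
```

Windows 2000 (IIS 5) has no application pools, so only the `<trust>` part of this sketch carries over there.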
