IIS Server Security - privileged operation by non-priviliged user

This is Interesting: Free IT Magazines  
Home > Archive > IIS Server Security > March 2007 > privileged operation by non-priviliged user





You are viewing an archived Text-only version of the thread. To view this thread in it's original format and/or if you want to reply to this thread please [click here]

Author privileged operation by non-priviliged user
KaPes

2007-03-14, 7:26 am

System : IIS 6 on Windows 2003 SP1

I have created few ASP pages which perform some privileged operations if run
under privileged account, Now the users who will access these pages don't
have that privilege themselves, and I can't give that privilege to them.

My requirement is
1. Restrict access to this pages based on user's group membership (I think
NTFS permission on ASP pages will help here.)
2. ASP pages themselves run under privileged account so that privileged
operation can be done by non-privileged but properly authenticated people.

How do I configure IIS to handle this ?


--
~~~~~~~~~~~~~~~~~~~~~~~
"Chance Favors The Prepared Mind"
~~~~~~~~~~~~~~~~~~~~~~~
Sponsored Links






Free braindumps | Software forum | Database administration forum

Copyright 2003 - 2008 webservertalk.com