
I'm a newbie. For impersonation in IIS, what do you think about it? I think it's unsafe. How can IIS spawn a Win32 thread to handle a user request with the user's identity? Does this mean this thread can do anything using the user's identity without the user's permission? For example, this thread can connect to other servers and perform operations with the user's identity.

moshangcheng
  • "What have you tried?" - i.e. which papers and documentation did you read to justify/falsify your assumptions? – Uwe Keim Jan 08 '13 at 11:22
  • This question is likely to solicit debate and isn't likely to get a good response here. You'd be better asking this at Programmers.StackExchange.com – Paul Turner Jan 08 '13 at 11:51

1 Answer


When using impersonation you would generally create a user with only enough privileges to do what is required of it, e.g. read contents of a folder in c:\inetpub\wwwroot. Similar to how you wouldn't create a DB user that can delete tables when all you need is for it to read some values.

Fermin
  • Maybe I didn't make it clear. For local resources, I think this is acceptable because these resources are managed by both IIS and the users who make requests. But I think this shouldn't be applied to remote resources. Remote resources are managed by other servers; it's strange that IIS can access those resources by using the user's identity without the user's permission. For the second case, I asked another [question](http://stackoverflow.com/questions/13449221/iis-failed-to-call-oledb-apis). – moshangcheng Jan 08 '13 at 14:55
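The answer above describes the least-privilege approach in prose. The following is an added example (not code from the original question, the answer, or its author) that carries it out: it creates a dedicated local account, grants it only ReadAndExecute on the web root, points ASP.NET impersonation at that fixed account, and then checks that none of the account's ACEs carry a write or delete right. It assumes Windows Server 2016 / Windows 10 or later (for `New-LocalUser`), the IIS `WebAdministration` module, and a site named "Default Web Site"; the account name `web_reader` and the site name are illustrative assumptions.

```powershell
# Added example, not part of the original thread: a least-privilege account for
# ASP.NET impersonation with read-only access to the web root.
# Assumptions: Windows Server 2016+/Windows 10 (Microsoft.PowerShell.LocalAccounts),
# the WebAdministration module, a site called "Default Web Site", and the
# illustrative account name "web_reader".
#Requires -RunAsAdministrator
Import-Module WebAdministration

$AccountName = 'web_reader'                        # assumed account name
$WebRoot     = 'C:\inetpub\wwwroot'
$SitePath    = 'IIS:\Sites\Default Web Site'       # assumed site

# 1. A dedicated account used for nothing else. No group memberships are added.
$password = Read-Host -AsSecureString "Password for $AccountName"
if (-not (Get-LocalUser -Name $AccountName -ErrorAction SilentlyContinue)) {
    New-LocalUser -Name $AccountName -Password $password `
        -PasswordNeverExpires -UserMayNotChangePassword `
        -Description 'IIS impersonation account: read-only web root' | Out-Null
}

# 2. Grant only ReadAndExecute on the web root, inherited by files and subfolders.
#    Nothing is granted anywhere else; the account cannot write, delete, or change ACLs.
$acl  = Get-Acl -Path $WebRoot
$rule = [System.Security.AccessControl.FileSystemAccessRule]::new(
    "$env:COMPUTERNAME\$AccountName",
    [System.Security.AccessControl.FileSystemRights]::ReadAndExecute,
    [System.Security.AccessControl.InheritanceFlags]'ContainerInherit, ObjectInherit',
    [System.Security.AccessControl.PropagationFlags]::None,
    [System.Security.AccessControl.AccessControlType]::Allow)
$acl.SetAccessRule($rule)
Set-Acl -Path $WebRoot -AclObject $acl

# 3. Run ASP.NET requests as that fixed account. This writes the equivalent of
#    <identity impersonate="true" userName="..." password="..."/> into the site's web.config.
$plain = [System.Net.NetworkCredential]::new('', $password).Password
Set-WebConfigurationProperty -PSPath $SitePath -Filter 'system.web/identity' -Name impersonate -Value $true
Set-WebConfigurationProperty -PSPath $SitePath -Filter 'system.web/identity' -Name userName    -Value "$env:COMPUTERNAME\$AccountName"
Set-WebConfigurationProperty -PSPath $SitePath -Filter 'system.web/identity' -Name password    -Value $plain

# 4. Check: every Allow ACE for the account on the web root must be free of
#    write/delete/ownership bits. Returns $false if the account has no ACE at all,
#    because "no access" is not the configuration the answer describes either.
function Test-ReadOnlyAccess {
    param([string]$Path, [string]$Identity)
    $writeBits = [System.Security.AccessControl.FileSystemRights]'Write, Delete, DeleteSubdirectoriesAndFiles, ChangePermissions, TakeOwnership'
    $aces = (Get-Acl -Path $Path).Access | Where-Object {
        $_.IdentityReference.Value -like "*\$Identity" -and $_.AccessControlType -eq 'Allow'
    }
    if (-not $aces) { return $false }
    foreach ($ace in $aces) {
        if (($ace.FileSystemRights -band $writeBits) -ne 0) { return $false }
    }
    return $true
}

if (Test-ReadOnlyAccess -Path $WebRoot -Identity $AccountName) {
    "OK: $AccountName has read-only access to $WebRoot"
} else {
    Write-Warning "$AccountName has write rights (or no rights) on $WebRoot; fix the ACL before enabling impersonation"
}
```

Two practical notes. Step 3 stores the password in web.config in clear text; encrypt that section afterwards with `aspnet_regiis -pe "system.web/identity" -app "/"` (or the `-site` form) so the file on disk does not carry it. And the fixed-account form shown here is what makes the answer's least-privilege point matter: because IIS holds that account's credentials, a request thread can authenticate to other servers as `web_reader`, so whatever that account can reach anywhere on the network is reachable from the web application. The other form, `<identity impersonate="true"/>` with no account, impersonates the authenticated caller using an impersonation-level token, which Windows will not use to authenticate to a remote server unless Kerberos delegation has been configured for the IIS server; a remote access attempt under such a token is made without the caller's credentials and typically fails or arrives as anonymous.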