Re: Win2k3 Event Log and Security: Must choose between security and trustworthy

From: Roger Down (roger.down@c2i.net)
Date: 04/23/03

  • Next message: Marten Engblom: "Re: X509Certificate and aspnet_wp" 
    From: "Roger Down" <roger.down@c2i.net>
Date: Wed, 23 Apr 2003 15:20:39 +0200

    Thanks Jonathan for taking the time to write about this important issue...

    I have seen many solutions for this problem, and I consider most of them
    hacks... just to get some sort of access to the eventlog. There should be an
    easier way to have some simple write access to the default eventlog...
    perhaps from web.config or something. I am not a security expert, but how
    dangerous could that be ??

    Today I use this "hack" on Windows 2003...:

    1. Open RegEdit
    2. Goto HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\
    3. From the menu, choose Edit->Permissions
    4. Click the Add button and write NETWORK SERVICE.
    5. For the NETWORK SERVICE account, set the "appropriate" eventlog
    permissions.

    There must be a better/safer/easier solution than this, to achieve some
    simple write access to the eventlog ?

    Microsoft document "Building Secure ASP.NET Applications: Authentication,
    Authorization, and Secure Communication" located at
    http://msdn.microsoft.com/library/en-us/dnnetsec/html/SecNetch08.asp have
    some lines about "Accessing System Resources".

    Best of regards...

  • Next message: Marten Engblom: "Re: X509Certificate and aspnet_wp"
    • Quantcast