Re: Win2k3 Event Log and Security: Must choose between security and trustworthy
andrew
Date: 04/29/03
- Previous message: Yan-Hong Huang[MSFT]: "RE: Validate User Credentials against active directory"
- In reply to: Jonathan Folland: "Win2k3 Event Log and Security: Must choose between security and trustworthy"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 29 Apr 2003 17:11:54 +1000
"Jonathan Folland" <jfolland.nospam@earthlink.net> wrote in message
news:esk8%23kHCDHA.2704@TK2MSFTNGP11.phx.gbl...
> 1) Write a Program to create the event log and its sources in the
registry.
> Run this program under a user account that has administrative privileges.
>
> In my opinion, this is not a very good solution. What happens if a
> developer fumble fingers the name of the event log or its source or during
> coding of the application developers create new sources. In order for
this
> to be effective, someone would need to write a program that scanned all
> source code for methods of New EventLog and WriteEntry, then parse the
> method arguments to come up with a comprehensive list of Logs and Sources.
> How many development shops are going to do this so that they can write to
> the event log?
I don't know how you write to the event log throughout your web application
but I'd think that any reasonable OO design would ensure that a dedicated
class is responsible for doing this in which case your point would be mute.
Strongly typed methods always beats fumble fingers :)
I think creating the sources via a setup program is the best solution, but
it also requires a good application design.
andrew
- Previous message: Yan-Hong Huang[MSFT]: "RE: Validate User Credentials against active directory"
- In reply to: Jonathan Folland: "Win2k3 Event Log and Security: Must choose between security and trustworthy"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
