Registry access permission doesn't obey impersonated user
From: Karim (karim3411_at_!!yahoo!!.com)
Date: 09/03/03
- Next message: Lewis Wang [MSFT]: "Re: Security problems when running code from different machine"
- Previous message: Scott M.: "Re: Printing from ASP.NET"
- Next in thread: alexey: "Re: Registry access permission doesn't obey impersonated user"
- Reply: alexey: "Re: Registry access permission doesn't obey impersonated user"
- Reply: Hernan Ochoa: "Re: Registry access permission doesn't obey impersonated user"
- Reply: Hernan Ochoa: "Re: Registry access permission doesn't obey impersonated user"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 2 Sep 2003 21:40:19 -0700
I have an asp.net application that impersonates a user. I did a test for
reading a registry key and noticed that the app can read the key even
though the user does not have access to that key. aspnet user does not have
not access either. After denying read access to the key for different
users, I found out that the INTERACTIVE user is the one that determines the
permissions.
How can I deny asp.net apps from reading the registry? Why isn't the app
following the impersonated user's registry permissions?
karim
- Next message: Lewis Wang [MSFT]: "Re: Security problems when running code from different machine"
- Previous message: Scott M.: "Re: Printing from ASP.NET"
- Next in thread: alexey: "Re: Registry access permission doesn't obey impersonated user"
- Reply: alexey: "Re: Registry access permission doesn't obey impersonated user"
- Reply: Hernan Ochoa: "Re: Registry access permission doesn't obey impersonated user"
- Reply: Hernan Ochoa: "Re: Registry access permission doesn't obey impersonated user"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
