Re: another question about encrypting web.config sections
Well - there are two different threat models

- reading data on a machine
and
- executing code on that machine

the latter is obviously much harder.

The purpose of protected config is to protect you against threat #1.


-----
Dominick Baier (http://www.leastprivilege.com)

Developing More Secure Microsoft ASP.NET 2.0 Applications (http://www.microsoft.com/mspress/books/9989.asp)
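To make the two threat models concrete, here is an added illustration (not code from either post): it protects the connectionStrings section with the DPAPI provider, then shows what a plain file reader gets versus what code running as the application gets. It assumes an ASP.NET application whose web.config contains a connectionStrings section and that the calling code runs under the application's own identity.

```csharp
using System;
using System.Configuration;
using System.IO;
using System.Web.Configuration;

// Added example; assumes a <connectionStrings> section exists in web.config.
public static class ProtectedConfigDemo
{
    // Encrypts the section on disk with DPAPI, so anyone who can merely
    // read web.config (threat #1) sees ciphertext instead of credentials.
    public static void ProtectConnectionStrings(string appVirtualPath)
    {
        Configuration config = WebConfigurationManager.OpenWebConfiguration(appVirtualPath);
        ConfigurationSection section = config.GetSection("connectionStrings");
        if (!section.SectionInformation.IsProtected)
        {
            // Key material is held by DPAPI for the machine (or user) account,
            // not stored in the file, so copying web.config alone is not enough.
            section.SectionInformation.ProtectSection("DataProtectionConfigurationProvider");
            config.Save(ConfigurationSaveMode.Modified);
        }
    }

    // What a file reader sees after protection: an <EncryptedData> element.
    // The "Password=" check is only a rough plaintext heuristic for the demo.
    public static bool FileIsEncrypted(string physicalWebConfigPath)
    {
        string raw = File.ReadAllText(physicalWebConfigPath);
        return raw.Contains("<EncryptedData") && !raw.Contains("Password=");
    }

    // What code running inside the application sees: the framework decrypts
    // transparently for the process identity. This is exactly why protected
    // config does not defend against threat #2 (code execution on the box):
    // any code that runs as the application can simply ask for the value.
    public static string ReadAsApplication(string name)
    {
        ConnectionStringSettings settings = ConfigurationManager.ConnectionStrings[name];
        return settings == null ? null : settings.ConnectionString;
    }
}
```

The same split applies to the RSA provider: the file is unreadable without the key container, but code in the application identity still gets plaintext.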

I added a page to my site (in a secure folder that only my login has
access to) that lets me (and only me) encrypt or decrypt the
web.config at will. Ok, so far so good.

What I don't understand is that if a hacker can get to my web.config,
certainly he could probably get to my encrypt/decrypt page and run the
decrypt button. If I delete that page from the site, so what? Anyone
who knows this stuff could put a similar page up there.

I really don't see the point of all of this. It seems like locking
your front door but leaving the key on a nail near the door knob. I
must be missing something. Can anyone shed some light on this for me?
It seems so full of holes.

Thanks,

Keith
