Fog Creek Software
Discussion Board




Welcome! and rules

Joel on Software

Proper Security for ASP.NET

I have an ASP.NET application that will be put into production soon. I would like the application to be able to write to the Event Log when an error occurs, but to do this I need to use an account with higher permissions then the default ASPNET account. What is the proper account to use, and am I exposing the server to possible hacks by using an account with higher persmissions?

Bill
Monday, March 17, 2003

The the 'Process Identity for ASP.NET' section in the following article might be helpful.

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/SecNetch08.asp

Sergio
Tuesday, March 18, 2003

Thanks Sergio. I'll have to do some investigation.

Bill
Friday, March 21, 2003

*  Recent Topics

*  Fog Creek Home