本文讨论了在 SharePoint 2010 中使用高权限帐户作为应用池和服务帐户所带来的安全风险,并强调了 Farm Administrator 帐户不应被用于其他服务中。
A user account that is used by application pools or services must have permissions of a domain user account and must not be a member of the Farm Administrators group or a member of the Administrators group on the local computer. Using highly privileged accounts for application pools or services poses a security risk to the farm, and could allow malicious code to execute.
The Farm Account, which is used for the SharePoint 2010 Timer service and the Central Administration site, is highly privileged and should not be used for other services on any computers in the server farm. Services in the farm were found to use this account.
扫一扫
851
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
