本文讨论了在Windows Server 2008环境中,使用内置账户运行应用程序池的安全性和性能优势。推荐使用本地服务账户而非系统账户,并解释了为何这样做更为安全且高效。
I normally would create a limited rights user and run the process under that but the fact that pools automatically created under IIS7 in 2008 use this account makes me think that this is perfectly safe, and possibly more so than something I create? The whole Secure By Default push from Redmond would lead me to believe this is the case.
Answer
Yes it is safe. Services and Service Accounts Security Planning Guide
One more thing. It is even better to use the local service account ( not to confuse with local System account! ). It has the same permission on the local server as network service. But does not have network permissions. The network service can access network resources with the permissions of the computer account ( like authenticated user ).
Update 1 ( reply to comment):
As far as I understand. both option will work. Your application code is not running ( by default) under the application pool identity. But under the identity of the user that authenticate to your site. Or, if anonymous user are allowed, the iuser_computername account. The reason that the application pool identity is important, is that you can by code, so attacker that inject his code can too, to change the identity of your application to the application pool identity.
That said, There are further complication that are too numerous to post.
so if my code has to kick off a call to web service (from the server side), local service wont work but network service would?
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
