So, we run all our servers hardened. Which is a good thing since I just had a hacker trying to break into the webserver that houses CS2007RC1. Exactly which folders do I need to give Network Service additional priveledges besides read to make everything work?
Thanks!
Our IT department is going to be running a formal risk assessment on our CS installation which I will hopefully hear about by the end of the month. I'll let you know what they report. For the CS team members and MVP's, are there any issues that they should look into? As well, to reiterate Doug's question, what are the minimal privileges that each folder needs for the install needs to run properly?
Out of the box CS 2007 looks like most ASP.NET applications where Read for the worker process and anonymous user identities is sufficient. There are a few folders where modify rights will be needed as well. This will be great stuff for the installation document which I suspect (hope) we'll see tomorrow with the RTM bits. One thing I would advocate is that minimal permissions be used in the guidelines as part of secure computing practices. It seems it's all too easy to fall back to "Full Control" and "db_owner" rights.
Cheers,Colin
Copyright© 2008 Telligent Systems Inc. All rights reserved CommunityServer.com • Telligent.com