run as -- iis security

Mészáros_Tamás
11/9/2004 12:20:08 PM

Hello!

I have the following problem:

I would like to create several Virtual Directories in IIS, and give them
to different users. But all their sessions will run as Network Service
user, and so the users will be able to read the entire content of other
users virtual directory with a simple aspx script, because Network
Service must have read right to everything. How could I prevent this?
Should I put these virtual directories to different Application pools?
Isn't there any other solution?

Thanks in advance

Bernard
11/10/2004 11:53:55 AM

Network services is the process identity, you should look at request
identity, by default anonymous access is iusr account. Hence, one way is to
do this is to remove anonymous access to the file and grant related NTFS
permission to the file, users will get prompt when accessing those resource,
IIS will serves the file if upon proper authentication and authorization.

--
Regards,
Bernard Cheah
http://www.tryiis.com/
http://support.microsoft.com/
http://www.msmvps.com/bernard/

[quoted text, click to view]

iis security : run as