[lvs-users] Single-lan config?

Graeme Fowler graeme at graemef.net
Mon Oct 13 21:23:48 BST 2008


On Mon, 2008-10-13 at 15:13 -0500, David Dyer-Bennet wrote:
> My desktop system is part of the corporate domain.  So are the desktops of
> the people doing Windows development.  Why would making a server part of
> the domain be any more dangerous than that?  And that's standard anywhere
> that does Windows development.

You're personally fairly unlikely to run code as a system account,
especially when developing - you're more likely to run it as yourself.
Of course, many developers and sysadmins make themselves admins on their
own machines (makes installing software just *so* much more convenient
than doing "runas") so the security arguments in those cases are
slightly damaged anyway :)

Allowing arbitrary code (think of the mass of .NET examples out there)
to be executed under the IIS framework is a dangerous game, especially
(as is often the case) when it's being executed by a user with elevated
privileges (like the Network Service user which IIRC is the default user
for IIS code execution).

This is, of course, a massive Catch-22 for hosting operations, and is
the reason why app pools came along in IIS6 which allowed almost
complete segregation of execution environments which themselves ran as
non-privileged users. Much tidier than it used to be.

In your environment you might not be exposing the web servers to that
nasty Intertubes thingmy, which makes security all the easier to manage.

Graeme





More information about the lvs-users mailing list