The IUSR_MachineName context is the anonymous context under which load processes run within windows. As a comparison, let them know that they are essentially creating an environment where a guest account is being given administrative privileges and then exposed to the world.
In such a context, you can somewhat mitigate some of the risk by using application level firewall, alocal URI preprocessor, and being VERY careful that you put proper [lack of] privileges in place on the overall filesystem, except for specific resources which are allowed. Your IIS configuration and hardening also becomes key. Stringent monitoring will need to be in place. Obviously, if they move forward with this configuration, make sure that network access control has been configured appropriately so that any compromise of this machine is mitigated in terms of affecting any other resource in the enterprise. Realistically, they need to understand that they might as well just hand out administrative access to that machine or just make the IIS site run under administrator in the first place as there seems VERY little reason to make the privilege separation if you are then going to thwart it by granting the subordinated account administrative privilege. Wayne S. Anderson -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Friday, October 27, 2006 8:54 AM To: [email protected] Subject: IIS Security We've a vertical package that includes a web based portal. (quite common for many Enterprise packages) The problem lies in some of the requirements that the company puts on running this portal. The major one is that of adding the IUSR_machinename account to the local admin group. I know this is horrible, but need specific reasons why this shouldn't be done so that I can bring it to my boss and get it fixed. Thanks --------------------------------------------------------------------------- ---------------------------------------------------------------------------
smime.p7s
Description: S/MIME cryptographic signature
