On Thu, 13 Nov 2003 10:08:13 -0600 Frank Knobbe <[EMAIL PROTECTED]> wrote: > On Thu, 2003-11-13 at 08:41, Volker Tanger wrote: > > > Ideally the Apache exe should be running as an unpriviledged user. > > > but then, ideally the IIS server should be running as an > > > unpriviledged user too.... > > > > Well, running a kernel task is a bit difficult to do unprivileged... > > The reason IIS4+ runs as SYSTEM appears to be to gain performance. I > guess running IIS as a kernel module and having less context switches > does do well for performance (like an Apache LKM), but unfortunately > not for security. > What specific kernel task were you referring to?
Sorry, vague wording on my side. I meant exactly the "kernel module" part you mentioned when saying "kernel task". Did not work with IIS for the last few years, so memory suffered (obviously). Bye Volker Tanger ITK-Security _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
