D
Donald Welker
I'm writing ASP.Net using VS 2003. Developer PC is Win2KS, production is
Windows 2003 Standard. My application runs under SSL and impersonates the
logged on user, so its base security context is the Network Service. I've
also created a custom event log to record throw exceptions and a few
informational events. Naturally this causes problems in the deployed server
so I've had to tailor the SDDL string to remove the deny for Domain Guests
for my custom log, I perceive this to be more secure than removing Network
Service from Builtin Guests.
What I need to know is how to modify the SDDL string when my custom event
log is installed (yes I've built an installer.) Do I have to explicitly
access and modify the registry value CustomSD?
Windows 2003 Standard. My application runs under SSL and impersonates the
logged on user, so its base security context is the Network Service. I've
also created a custom event log to record throw exceptions and a few
informational events. Naturally this causes problems in the deployed server
so I've had to tailor the SDDL string to remove the deny for Domain Guests
for my custom log, I perceive this to be more secure than removing Network
Service from Builtin Guests.
What I need to know is how to modify the SDDL string when my custom event
log is installed (yes I've built an installer.) Do I have to explicitly
access and modify the registry value CustomSD?