简体繁体 English

IIS 7.5 ISAPI应用程序池安全性

[英]IIS 7.5 ISAPI Application Pool Security

原文 2012-10-25 03:58:23 9 1 security/ iis/ iis-7.5/ isapi

I'm running an ISAPI dll under IIS 7.5, and wish to use Bill Egge's ISAPI Loader dll so an updated dll can be swapped out without stopping the server. 我正在IIS 7.5下运行ISAPI dll，并希望使用Bill Egge的ISAPI Loader dll，以便可以在不停止服务器的情况下换出更新的dll。

If I set the security on the directory holding the DLL to "everyone" with "full control" then it works as designed (a dll with an *.update extension automatically causes the existing *.run dll to be backed up, and the new dll to be renamed with the *.run extension). 如果我将包含DLL的目录的安全性设置为具有“完全控制”权限的“每个人”，那么它将按设计工作（带有* .update扩展名的dll会自动导致备份现有的* .run dll，而新的dll以* .run扩展名重命名）。

Obviously I do not wish to use the "everyone" account as this blows the security wide open. 显然，我不希望使用“所有人”帐户，因为这会使安全性大打折扣。 So I have removed the permissions for "everyone". 因此，我删除了“所有人”的权限。

My app runs under an application pool - "TestAppPool". 我的应用程序在应用程序池“ TestAppPool”下运行。 I have followed the top rated answer at IIS7 Permissions Overview - ApplicationPoolIdentity and added security for user "IIS AppPool\\TestAppPool" to "full control". 我遵循了IIS7权限概述 -ApplicationPoolIdentity的最高评价，并将用户“ IIS AppPool \\ TestAppPool”的安全性添加到“完全控制”中。 However this does not allow the *.update dll to overwrite the *.run dll. 但是，这不允许* .update dll覆盖* .run dll。

Can anyone point me in the right direction. 谁能指出我正确的方向。

1 个解决方案

多亏了Rich，答案是为托管isapai dll的目录上的IUSR帐户授予修改权限。

IIS安全性：为什么使本地托管的xml文件可被应用程序池帐户写入是危险的？ - IIS Security: Why is it dangerous to make locally hosted xml files writable by the application pool account?

IIS7.5和MVC 2：实现HTTP（S）安全 - IIS7.5 and MVC 2 : Implementing HTTP(S) security

使用共享配置时IIS 7.5中的代码访问安全异常 - Code Access Security Exception in IIS 7.5 when using Shared Config

安全问题IIS7.5 / IIS APPPOOL \用户未经授权但具有完全控制权？ - security issue IIS7.5 / IIS APPPOOL\user not authorized but has full control?

授予对IIS应用程序池的访问权限以读取注册表 - Giving Access to IIS Application pool to read registry

IIS 7.5中的安全例外和IIS 7.5中的“加载用户配置文件”选项 - Security exceptions in ASP.NET and Load User Profile option in IIS 7.5

IIS7 中托管的应用程序中的安全异常 - Security Exception in application hosted in IIS7

在IIS 7中以编程方式为自定义身份应用程序池设置用户帐户 - Programmatically set up user account for custom identity application pool in IIS 7

IIS7.0中ASP的应用程序池标识问题 - Application pool Idenity issue for ASP in IIS7.0

如何在Windows 7 / IIS 7.5上正确设置具有中等信任度的mvc3 Intranet应用程序 - How do you setup correctly an mvc3 intranet application with Medium trust on Windows 7 / IIS 7.5

暂无

暂无

声明:本站的技术帖子网页，遵循CC BY-SA 4.0协议，如果您需要转载，请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 IIS安全性：为什么使本地托管的xml文件可被应用程序池帐户写入是危险的？ - IIS Security: Why is it dangerous to make locally hosted xml files writable by the application pool account? IIS7.5和MVC 2：实现HTTP（S）安全 - IIS7.5 and MVC 2 : Implementing HTTP(S) security 使用共享配置时IIS 7.5中的代码访问安全异常 - Code Access Security Exception in IIS 7.5 when using Shared Config 安全问题IIS7.5 / IIS APPPOOL \用户未经授权但具有完全控制权？ - security issue IIS7.5 / IIS APPPOOL\user not authorized but has full control? 授予对IIS应用程序池的访问权限以读取注册表 - Giving Access to IIS Application pool to read registry IIS 7.5中的安全例外和IIS 7.5中的“加载用户配置文件”选项 - Security exceptions in ASP.NET and Load User Profile option in IIS 7.5 IIS7 中托管的应用程序中的安全异常 - Security Exception in application hosted in IIS7 在IIS 7中以编程方式为自定义身份应用程序池设置用户帐户 - Programmatically set up user account for custom identity application pool in IIS 7 IIS7.0中ASP的应用程序池标识问题 - Application pool Idenity issue for ASP in IIS7.0 如何在Windows 7 / IIS 7.5上正确设置具有中等信任度的mvc3 Intranet应用程序 - How do you setup correctly an mvc3 intranet application with Medium trust on Windows 7 / IIS 7.5

相关标签

粤ICP备18138465号 © 2020-2024 STACKOOM.COM