How can the standard AppPool identity have permission to pop up a debugger window
Question
I've tried to add
System.Diagnostics.Debugger.Launch();
to my IIS ASP.NET web site code. I run the application as the standard AppPoolIdentity user and it pops up a debug window where I can choose to attach VS2010 and debug the process. My question is, what allows the AppPoolIdentity (virtual) user permission to interact with my desktop? Normally that's not allowed. This was tested on Windows 7 x64.
Thanks!
2 answers
solution1
1 ACCPTED 2011-06-13 20:35:29
When an unhandled exception occurs, there is a check done in the registry to see which debugger is listed.
32 bit systems use: KEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AeDebug\Debugger
This can also be the source of a security vulnerability - see http://support.microsoft.com/kb/923827
for details on the AEDebug registry key see: http://msdn.microsoft.com/en-us/library/5hs4b7a6.aspx
The app pool identity isn't interacting with your desktop - the debugger request is. Nothing has 'interacted' until you choose to debug, at that time the debugger is launched and you attach to that process.
solution2
0 2011-06-13 19:45:16
The easist thing to do is in VS attach to process, choose IIS. You can set a breakpoint in your app and it will stop on the breakpoint. It will stop every web site on your pc too!!!!
The other thing you can do is set the debugging mode on your app. The default is just my code. Tell it to debug native code too.
here was a question like yours How to start aspnet_wp.exe without firing Application_Start event
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.