Subject says it all really,
Thinking on security terms, I want to give each site on my server its own user account, so that they can't access each other's data. I also want to use integrated authentication for sql so i dont have any passwords knocking about in connection strings.
Is it a bad idea to use the same account for the app pool identity and the anon user account for iis (im interested in answers for both v6 and 7)?
Edit: ive seen this post describing how IIS7 allows you to automatically use the same account, but the question of whether its a good idea or not remains ;)
If so, why?
Thanks