
Subject says it all really,

Thinking in security terms, I want to give each site on my server its own user account, so that they can't access each other's data. I also want to use integrated authentication for SQL so I don't have any passwords knocking about in connection strings.

Is it a bad idea to use the same account for the app pool identity and the anonymous user account for IIS (I'm interested in answers for both v6 and 7)?

Edit: I've seen this post describing how IIS7 allows you to automatically use the same account, but the question of whether it's a good idea or not remains ;)

If so, why?

Thanks

Andrew Bullock

1 Answer


The app pool account is used to access resources on behalf of the web server, before authentication (even anonymous). That's how IIS reads things like the web.config: as the app pool user.

Once authenticated, if the anon account and the app pool account are the same, the anonymous user can read web.config. IIS won't serve it, but the user can read it.

So, is it a bad idea to run in that configuration? No, and as you noted, IIS7 will let you do it by default. However, it is a better idea to run them with discrete accounts, because they are separate concerns.

In my real-world experience, using the same account for both is just fine. If someone wants the extra hassle associated with the better security, then I choose the separate account option.

HTH

M Aguilar
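The two configurations the answer contrasts, as an added PowerShell example for IIS 7 (WebAdministration module); this is not code from the question or the answer. It assumes a site named Site1 under C:\inetpub\Site1, a pool named Site1Pool, a pre-created per-site domain account CONTOSO\svc-site1 and a static-content subfolder called content, all of which are placeholders. An empty anonymous userName is what makes IIS 7 run anonymous requests as the pool identity; the report function at the end shows which sites are in that state.

```powershell
# Added example; site/pool names, paths and CONTOSO\svc-site1 are assumed placeholders.
Import-Module WebAdministration

$anonFilter = 'system.webServer/security/authentication/anonymousAuthentication'
$appHost    = 'MACHINE/WEBROOT/APPHOST'   # applicationHost.config, where per-site <location> overrides live

# Per-site pool running as the site's own account (identityType 3 = SpecificUser).
# This account reads web.config and is what SQL Server sees under integrated
# authentication, so the connection string needs no password.
function New-SiteAppPool {
    param([string]$Pool, [string]$User, [System.Security.SecureString]$Password)
    $bstr  = [Runtime.InteropServices.Marshal]::SecureStringToBSTR($Password)
    $plain = [Runtime.InteropServices.Marshal]::PtrToStringBSTR($bstr)
    [Runtime.InteropServices.Marshal]::ZeroFreeBSTR($bstr)
    if (-not (Test-Path "IIS:\AppPools\$Pool")) { New-WebAppPool -Name $Pool | Out-Null }
    Set-ItemProperty "IIS:\AppPools\$Pool" -Name processModel -Value @{
        identityType = 3; userName = $User; password = $plain
    }
}

# Option A, the "same account" setup: an empty userName tells IIS 7 to run
# anonymous requests under the application pool identity.
function Set-AnonymousToPoolIdentity {
    param([string]$Site)
    Set-WebConfigurationProperty -PSPath $appHost -Location $Site -Filter $anonFilter -Name userName -Value ''
    Set-WebConfigurationProperty -PSPath $appHost -Location $Site -Filter $anonFilter -Name password -Value ''
}

# Option B, the "separate concerns" setup: anonymous requests impersonate a
# distinct account (built-in IUSR here, which needs no password), which gets NTFS
# read on the content folder only; the pool account keeps read on the whole site
# root, web.config included, because IIS itself needs that.
function Set-AnonymousToSeparateAccount {
    param([string]$Site, [string]$SiteRoot, [string]$PoolUser, [string]$AnonUser = 'IUSR')
    Set-WebConfigurationProperty -PSPath $appHost -Location $Site -Filter $anonFilter -Name userName -Value $AnonUser
    Set-WebConfigurationProperty -PSPath $appHost -Location $Site -Filter $anonFilter -Name password -Value ''
    icacls $SiteRoot /grant "${PoolUser}:(OI)(CI)R" | Out-Null
    icacls "$SiteRoot\content" /grant "${AnonUser}:(OI)(CI)R" | Out-Null   # assumed static-content folder
}

# Audit: for every site, report the pool account, the anonymous account, and
# whether they are the same (empty anonymous userName or a literal match).
function Get-AnonymousIdentityReport {
    foreach ($site in Get-Website) {
        $pool = Get-ItemProperty "IIS:\AppPools\$($site.applicationPool)" -Name processModel
        $type = "$($pool.identityType)"                      # provider may return the name or the number
        $poolAccount = if (@('SpecificUser', '3') -contains $type) { $pool.userName } else { $type }
        $anon = (Get-WebConfigurationProperty -PSPath $appHost -Location $site.Name -Filter $anonFilter -Name userName).Value
        [pscustomobject]@{
            Site          = $site.Name
            PoolIdentity  = $poolAccount
            AnonymousUser = if ($anon) { $anon } else { '(pool identity)' }
            SameAccount   = ([string]::IsNullOrEmpty($anon) -or $anon -eq $pool.userName)
        }
    }
}

# Usage with the placeholder names (prompts for the service account password):
$pw = Read-Host 'Password for CONTOSO\svc-site1' -AsSecureString
New-SiteAppPool -Pool 'Site1Pool' -User 'CONTOSO\svc-site1' -Password $pw
Set-ItemProperty 'IIS:\Sites\Site1' -Name applicationPool -Value 'Site1Pool'
Set-AnonymousToSeparateAccount -Site 'Site1' -SiteRoot 'C:\inetpub\Site1' -PoolUser 'CONTOSO\svc-site1'
Get-AnonymousIdentityReport | Format-Table -AutoSize
```

Run it in an elevated PowerShell on the IIS host. Swapping the Set-AnonymousToSeparateAccount call for Set-AnonymousToPoolIdentity gives the single-account configuration, and the report then shows SameAccount as True for that site, which is the state the answer describes as acceptable in practice but weaker than two accounts.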