Re: user account settings for vs.net


From: Pam Ammond (pam_at_empoweringyou.com)
Date: 09/13/04


Date: Mon, 13 Sep 2004 08:01:09 -0700

Thank you for the excellent info.

I created the new account and made it a User, Debugger User, and VS
Developers.

I do not see IIS_WPG as a user or group, so I think I have work to do on IIS
before I can continue. Any suggestions on what I need to do with IIS_WPG? I
know it means worker process, so maybe I'm misunderstanding what you told me
to do.

I don't think I need this account to be a member of the Power Users Group
since I am not using legacy applications. Correct me if I'm wrong.

I am going to download the direct connection to Microsoft Access but my
guess would be that I don't need any additional rights to work with an Access
database in VS.NET.

At those times that I am using Access as a back end database, do I need to
have SQL started? Does VS.NET use SQL Server itself for any reason other
than if I connect to SQL via ADO.NET? If not then I would like to stop it
for security reasons. How much of a security threat is having SQL on an XP
computer if it is Stopped? Any? Are there still open ports to contend with?
Or other vulnerabilities related to SQL if it is Stopped?

I disabled the ACTUser account until I need to do application center testing
and I will now start testing VS.NET with my new non-Admin account.

I will add additional info to this thread within a few days once I figure
out what to do with IIS 6. I am still very unclear about what I need to do
with IIS if I am only developing and testing on one machine, versus if I am
developing on this machine and uploading and debugging on another server, and
the role that IIS plays in both scenarios. I want to be clear about what is
needed and security on this machine in both situations, so I have some
reading to do. If you have any suggested KB or articles, please post them.

Thanks,
Pam

"lukasz" wrote:

> Make a user that is in the groups: "Debugger Users", IIS_WPG, "VS
> Developers" -- it should be sufficient. If not, maybe "Power User" will be
> necessary. You will also need to grant yourself (and IIS_WPG) access to SQL
> Server (you'll need an admin account to set it up). I remember I wasn't able
> to stop or start SQL Server when I was not an Admin.
>
>
> "Pam Ammond" <pam@empoweringyou.com> wrote in message
> news:F82C0F68-0801-4A41-A65F-4F52CF7AD327@microsoft.com...
> > I have a development and testing XP computer with SP2 on it. I would like to
> > create a user account that allows full functionality in VS.NET 2003
> > development and will allow me to use its associated programs (IIS and SQL)
> > as they relate to development in vs.net, and yet will prevent a possible
> > takeover of my computer due to the XP SP2 leak for the admin user account
> > that was reported in the news. Is it possible to set up a user account to
> > meet these criteria, or because it is a development and test machine do I need
> > to live with using the admin account? I know all of your security seminars
> > said to set up a more limited account, but I haven't done it yet since I
> > wasn't sure what to set it to.
> >
> > Also, I know when I installed VS.NET, IIS, and SQL Server 2000 it asked for
> > my admin account, probably in SQL. If you suggest I set up a more limited XP
> > user account, where would I change what is needed to use the new user account
> > in my Visual Studio environment and associated programs?
>
>
>
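
The account setup lukasz describes and the stopped-service check Pam asks about, as an added example that is not part of the original posts. The account name `vsdev` and the default-instance service name `MSSQLSERVER` are assumptions; run it from an administrator command prompt.

```bat
@echo off
rem Added example, not from the thread. DEVUSER is a hypothetical account name.
setlocal
set DEVUSER=vsdev

rem Create the limited account if it does not exist yet (prompts for a password).
rem A new local account is placed in the Users group automatically.
net user %DEVUSER% >nul 2>&1
if errorlevel 1 net user %DEVUSER% * /add

rem Add the account to each group named in the thread, skipping any group
rem that is not present on this machine instead of failing.
for %%G in ("Debugger Users" "VS Developers" "IIS_WPG") do call :addgroup %%G

rem Show the resulting memberships so they can be reviewed.
net user %DEVUSER% | findstr /i /c:"Local Group Memberships"

rem Report the SQL Server service state, then look for sockets on the default
rem SQL Server ports (TCP 1433, UDP 1434). MSSQLSERVER is the service name of
rem a default instance (assumed here); a named instance uses MSSQL$name.
sc query MSSQLSERVER | findstr /i "STATE"
netstat -an | findstr ":1433 :1434"
if errorlevel 1 echo No socket found on ports 1433 or 1434.

endlocal
goto :eof

:addgroup
rem %1 is the quoted group name passed by the loop above.
net localgroup %1 >nul 2>&1
if errorlevel 1 (
  echo Group %1 not found on this machine, skipped.
  goto :eof
)
net localgroup %1 %DEVUSER% /add
goto :eof
```

While the service is stopped its process is not running, so the `netstat` line should report nothing on those ports; setting the service start type to manual or disabled keeps it from starting again at boot.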


