Windows Security


We could devote hundreds of pages to Windows security, but this isn’t the place for such a treatise. Instead, we’ll skim through the important features, most of which you’re probably familiar with already.

All versions of Windows manage security in terms of users and groups. The exact mechanism varies because Active Directory might play a part, users might be local or maintained by a server, and users might have varying amounts of information attached. However, every user must have a username and a password.

You control access to various resources via access control lists (ACLs) and grant it on a per-user or per-group basis (where all users belonging to a group get the security privileges of that group). For example, files have ACLs that match up users and groups with the ability to read from the file, write to the file, and so on. File ACLs are usually hierarchical—permissions applied to one directory propagate down to subdirectories. However, propagated privileges can be overridden by file-specific ones.

Windows also maintains some special user accounts that are used internally. The System account, for example, is used to run processes that the user isn’t involved with. Most often this account applies to Windows services and the inner workings of the operating system. Without such accounts, not much would be possible without a user logging in. It would be a bit of a pain, for example, if you had to log in to make Microsoft SQL Server work. This would also mean that such services would get only the same privileges as you do, which might not be enough to function.

By default, ASP.NET Web services run in one of these special accounts, with the username ASPNET. We’ll look at the implications later in the chapter.




Programming Microsoft. NET XML Web Services
Programming MicrosoftВ® .NET XML Web Services (Pro-Developer)
ISBN: 0735619123
EAN: 2147483647
Year: 2005
Pages: 172

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net