Did you know that Process.Start always uses the security context of the parent ASP.NET process?
Need proof? Write a simple ASP.NET application that launches "whoami.exe" and captures the result. No matter how you configure your Web.Config file, you will always see the "ASPNET" local machine account. You could change Machine.Config; however, that changes the process owner of all spawned processes and of the entire ASP.NET application framework. Probably not what you want.
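The experiment described above, as an added example that is not code from the original post: a generic handler (the names WhoAmI.ashx and WhoAmIHandler are hypothetical) that prints the request thread's identity next to the account whoami.exe reports when launched with Process.Start. It assumes whoami.exe is on the server's PATH, that it prints the account as domain\user, and that `<identity impersonate="true" />` is set in Web.Config.

```csharp
<%@ WebHandler Language="C#" Class="WhoAmIHandler" %>
// WhoAmI.ashx (hypothetical file name): compares the identity of the request
// thread with the identity of a child process started by Process.Start.
using System;
using System.Diagnostics;
using System.Security.Principal;
using System.Web;

public class WhoAmIHandler : IHttpHandler
{
    public bool IsReusable { get { return true; } }

    public void ProcessRequest(HttpContext context)
    {
        // Thread token if impersonation is active, otherwise the process token.
        string threadIdentity = WindowsIdentity.GetCurrent().Name;
        // GetCurrent(true) is non-null only while the thread is impersonating.
        bool impersonating = WindowsIdentity.GetCurrent(true) != null;
        string childIdentity = RunWhoAmI();
        // Assumption: whoami prints domain\user, so a case-insensitive
        // comparison with WindowsIdentity.Name is meaningful.
        bool same = string.Equals(threadIdentity, childIdentity, StringComparison.OrdinalIgnoreCase);

        context.Response.ContentType = "text/plain";
        context.Response.Write("Request thread identity : " + threadIdentity + "\r\n");
        context.Response.Write("Thread is impersonating : " + impersonating + "\r\n");
        context.Response.Write("whoami.exe child process: " + childIdentity + "\r\n");
        context.Response.Write(same ? "Identities match\r\n" : "MISMATCH: child runs as the worker process account\r\n");
    }

    private static string RunWhoAmI()
    {
        ProcessStartInfo psi = new ProcessStartInfo("whoami.exe");
        psi.UseShellExecute = false;       // required to redirect output
        psi.RedirectStandardOutput = true; // capture what whoami prints
        psi.CreateNoWindow = true;

        using (Process child = Process.Start(psi))
        {
            string output = child.StandardOutput.ReadToEnd();
            child.WaitForExit();
            return output.Trim();
        }
    }
}
```

With impersonation enabled, the first line shows the impersonated caller while the whoami.exe line shows the worker process account, which is the gap the post describes.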
Here is a good blog entry about this on CodingHorror.
However, all is not lost. Microsoft shows us a way to spawn a process that runs under the context of the impersonated user in Microsoft ASP.NET pages.
An alternate implementation of a method called CreateProcessAsUser() can be found in this CreateProcessAsUser blog entry on Ode to Code.
Microsoft also has some useful information about System.SecurityExceptions that can occur.
My research into this topic, for a work-related issue, led me to this Building Secure ASP.NET Applications site. If any of the above links confuse you -- tokens or impersonation, for example -- this Microsoft Patterns & Practices chapter is very useful. Not only does it explain a lot of the basic Win32 security concepts required for making effective use of ASP.NET impersonation and the CreateProcessAsUser() method, but you can also learn a fair amount related to general .NET security and secure application design.