20.5. Impersonation
In ASP.NET, all code runs under a carefully limited account. In Windows XP, this is typically an account that ASP.NET creates automatically, which is named ASPNET. In Windows Server 2003, Windows Vista, and Windows Server 2008, ASP.NET uses the network service account instead.
The account that ASP.NET uses determines what Windows will allow your application to do. As you've already learned earlier in this book, this account needs to be able to access the databases you want to use, the files you want to change, and so on. From a security standpoint, this design makes sense, because it limits what your application can do if it's tricked into performing the wrong action or compromised in some way.
Obviously, the permissions ...
Get Beginning ASP.NET 3.5 in C# 2008: From Novice to Professional, Second Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
