impersonate permission

Results 1 to 2 of 2

Thread: impersonate permission

  1. #1
    Join Date
    Dec 1969

    Default impersonate permission

    I bought asp shopping cart system which places forms on pages i create in dreamweaver and save with .asp extensions. The cart needs RXWD permissions for the IURS user on the access database to work. I was told by my host that this is very insecure, and that i should use the impersonate function instead. He said i would have to find some code to paste on each page that needs to write to the database that is specific for the impersonate function (that would be my .asp product pages). Do you know what this code would be?

  2. #2
    Join Date
    Dec 1969

    Default RE: impersonate permission

    &#062; I was told by my host that this is very insecure<BR><BR>A lot of hosts seem to say that, and none of them seem to realise that impersonation is just as insecure in the wrong hands, if not more so. At least the IUSR account is a low-privilege account in the first place.<BR><BR>as for impersonation, not easy with classic ASP - but much easier with ASP.NET. Personally I&#039;d be considering changing hosts at this point.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts