asp.net - System.Diagnostics will allow user kill their own process in IIS7 -
hosted customers in iis7 can use asp.net , system.diagnostics list system's process id. can kill ones belong own application pools. seems big security problems in iis7 shared hosting environment. suggestions on how prevent normal users accessing system.diagnostics? how limit administrators only?
unlike windows 2003 , iis6, many shared windows 2008/iis7 hosting environments provide customers dedicated application pools , full trust.
whilst customers may able launch , kill own processes (including own worker processes), provided identity of account site runs under locked down no real harm can done. benefit customer having code kills own application pool (other force restart of worker process allow application_start
type events fire if need reload settings there)?
i work shared hoster, provide customers ability start, stop , recycle dedicated pools via our admin system, doing in code pretty same thing.
the worst can happen customer launches process consumes large amounts of memory or excessive amount of cpu (but own asp.net code can run away out of control doing same). monitor our servers continuously such anomalous behaviour , can track down culprit within 2-3 minutes of being alerted. end user friendly warning , told not again, if site instantly shut down.
the time i'd worried if hoster running shared pools @ full trust, if they're doing have whole other security headache overcome, process killing least of worries.
Comments
Post a Comment