I would like to ask all the people that have written windows control panels how they deal with security.
As i see it the easiest way to administer IIS is using ADSI. And to use ADSI you need to be running as an admin.
Now i would think people would use a com and run it as an admin though com+.
What i would like to know is, do you create a new user, add it to the admin group and run the com+ as that user, thuse you know the username as password of an admin account on that machine?
If so you have control over anyone's machine who is running your CP.
I know there are other ways to get the com or exe running as an admin i would just like to know if anyone is using the method that i outlined.
I emailed a couple of people who have written cp's and looked at the code and found this method was used.
I don't want to name, names but i would just like people to know what a security risk could be present.
I would like to make it clear that im not pointing the blame at people for using this method but if they do i would like them to reply and tell everyone how they make it secure!!!
PS. i have overcome this problem by creating a user and then getting a script to generate a random password. The password is stored in the setup script so that the com+, com can be run as admin but after setup is finished the password isn't kept.