I'm about to embark on a small ASP project to give our users the ability to manipulate their Declude spam files. This will require that the script go into the registry to read some IMail information. We have hundreds of users, so I am not going to be using NT authentication, but a custom auth system based upon email address and password.
This will be running on a Win2000 server and IIS5, so naturally, the anonymous user that the ASP scripts will be running under will have to have permissions to read (and possibly modify) the registry. Is this an advisable course of action? They will still have to have a userid and password to get in, and only the subweb where the ASP application sits will have those permissions. Or is this just a bad idea all around? -- A. Clausen To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
