Security and Setup Issues
The following steps are recommended when installing managed code or unmanaged code to ensure that the installation itself is secure. These steps should be performed for all platforms that support the NTFS file system:
- Set up a system with two partitions.
- Freshly format the second partition; do not change the default Access Control List on the root of the drive.
- Install the product, changing the install directory to point to a new directory on the second partition.
Ensure that none of the following is true:
- Is any code that executes as a service or that normally is run by administrator-level users now world-writable?
- If the code were installed on a terminal server system in application server mode, can your users now write binaries that other users might run?
- Is there anything that ends up in a system area or subdirectory of a system area that might be writable by non-administrators?
Additionally, if the product interacts with the Web, be aware that occasional Web server exploits allow users to run commands that are often executed in the context of the IUSR_MACHINE account. Confirm that there are no files or configuration items that are world-writable that a guest account could leverage under these conditions.