INFO: Security Issues with RAD Remote Development Support (192039)
The information in this article applies to:
- Microsoft Visual InterDev 6.0, when used with:
- the operating system: Microsoft Windows NT 4.0
- the operating system: Microsoft Windows 2000
- Microsoft Visual Studio, Enterprise Edition 6.0
This article was previously published under Q192039 SUMMARY
You can install Visual InterDev RAD Remote Development Support as an option on Windows NT or Windows 2000. In Windows NT, this is installed with the Windows NT 4.0 Option Pack and is automatically installed if the Windows NT 4.0 Option Pack is installed as a part of the Visual Studio 6.0 install process. In Windows 2000, you can install it through Add/Remove Programs in Control Panel as follows:
- In Add/Remove Programs, click Add/Remove Windows Components, click Internet Information Services (IIS).
- Click Details, and select the Visual InterDev RAD Remote Development Support check box.
Visual InterDev RAD Remote Development Support provides the ability for
developers to install and register components on a server from a remote
Visual Studio 6.0 client. While this function is both convenient and
useful, it creates the potential for a security breach on the server where
it is enabled.
Currently, Windows NT Administrators can allow developers access to a
server while restricting them from the ability to install and register
components. Installing Visual InterDev RAD Remote Development Support will
give any Visual Studio 6.0 developer with "Author" permissions the ability
to install and register a component (from a Visual Studio 6.0 client) that
could potentially be harmful to the server and/or breach server security.
Windows NT Administrators should be aware of and consider these
implications when enabling Visual InterDev RAD Remote Development Support.
| Modification Type: | Minor | Last Reviewed: | 8/11/2005 |
|---|
| Keywords: | kbDeployment kbinfo KB192039 |
|---|
|