Documentation Center

General security recommendations

You should ensure that non-authorized parties cannot access the transport package.

The transport package that is sent from Content Manager to Content Deployer contains content, metadata, and deployment instructions. The operation may be compromised if the transport package is intercepted and the content and metadata replaced with malicious content and the deployment instructions altered to deploy the content to a non-intended location.

To control this potential threat, limit security access of the various Content Delivery processes as follows:

All processes
All Content Delivery processes must be run by users with the following (minimal) rights:
Content Deployer
If you use file system storage, the user account that runs Content Deployer must also have write access to the file system storage file location(s). Refer to Configuring Content Data Store access for your Content Delivery Role to find out the location(s).

In an ASP.NET setup, these user accounts are the ones associated with the Default Application Pool.