|
Home > Archive > IIS Server Security > January 2004 > II6 & Read-Only Properties
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
II6 & Read-Only Properties
|
|
| AspDotNetDeveloper 2004-01-27, 6:36 am |
| One thing I noticed recently about Win 2k3 Server, and IIS6, is that it
defaults to Read-Only permissions at the NTFS file and folders property
level. I discovered this, when trying to get the FileSystemObject to write
to a text file. All the permissions were set ok, but I discovered every
folder and file in the wwwroot has it's file properties set as Read-Only.
So, I changed this for the file I was trying to access, and everything
worked fine.
Problem:
I came back to work on my application today, and something had set the file
properties back to Read-Only. Does anyone know what would of done this, and
how to disable it?
Thanks!
| |
| Ken Schaefer 2004-01-27, 1:34 pm |
| Are you using Frontpage Server Extensions?
Cheers
Ken
"AspDotNetDeveloper" <aspdotnetdeveloper@hotmail.com> wrote in message
news:uGmMJuQ5DHA.2432@TK2MSFTNGP10.phx.gbl...
: One thing I noticed recently about Win 2k3 Server, and IIS6, is that it
: defaults to Read-Only permissions at the NTFS file and folders property
: level. I discovered this, when trying to get the FileSystemObject to write
: to a text file. All the permissions were set ok, but I discovered every
: folder and file in the wwwroot has it's file properties set as Read-Only.
: So, I changed this for the file I was trying to access, and everything
: worked fine.
:
: Problem:
: I came back to work on my application today, and something had set the
file
: properties back to Read-Only. Does anyone know what would of done this,
and
: how to disable it?
:
: Thanks!
:
:
| |
| David Wang [Msft] 2004-01-27, 3:34 pm |
| Allowing a web-based request the ability to modify the local filesystem is a
privileged operation. Thus, you should take care in only allowing this
permission in a limited scope, hopefully outside of the URL namespace such
that people can't both upload and execute arbitrary code (like hacker tools)
on your server and take it over.
--
//David
IIS
This posting is provided "AS IS" with no warranties, and confers no rights.
//
"AspDotNetDeveloper" <aspdotnetdeveloper@hotmail.com> wrote in message
news:uGmMJuQ5DHA.2432@TK2MSFTNGP10.phx.gbl...
One thing I noticed recently about Win 2k3 Server, and IIS6, is that it
defaults to Read-Only permissions at the NTFS file and folders property
level. I discovered this, when trying to get the FileSystemObject to write
to a text file. All the permissions were set ok, but I discovered every
folder and file in the wwwroot has it's file properties set as Read-Only.
So, I changed this for the file I was trying to access, and everything
worked fine.
Problem:
I came back to work on my application today, and something had set the file
properties back to Read-Only. Does anyone know what would of done this, and
how to disable it?
Thanks!
|
|
|
|
|