|
Home > Archive > IIS Server Security > March 2004 > WebDav overrides NTFS
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
WebDav overrides NTFS
|
|
| Jorge Henriquez 2004-03-18, 3:37 pm |
| Greetings,
I have a WebDav Folder, modify the NTFS permissions, remove all items
listed, add a single user ID. In advanced, I ensure the only owner is the
user ID previously used.
When browsing the file system on the server, I get an access denied message
even if I'm logged on as administrator (What I would expect). When I access
the same folder with WebDav, I can open the folder and list other folders
within it (but no files).
Clues?
Jorge Henriquez
Systems Analyst, Sr.
Undergraduate Initiatives Technology Services
Arizona State University
| |
|
| I'm not familier with WebDav but from your description it sounds like It can
Transverse Folders but not List any of the files. Two things come to mind,
one: there is a setting in Policies that allow bypass of Traverse checking.
And two: that WebDav has to be running in some kind of security context
itself and may be running under the STSTEM ACCOUNT which is the operating
system, this would explain the elevation in privileges.
"Jorge Henriquez" <anonymous@discussions.microsoft.com> wrote in message
news:0F6CC4F7-F10A-4B50-A457-46B86B5A14E3@microsoft.com...
> Greetings,
> I have a WebDav Folder, modify the NTFS permissions, remove all items
> listed, add a single user ID. In advanced, I ensure the only owner is the
> user ID previously used.
> When browsing the file system on the server, I get an access denied
message
> even if I'm logged on as administrator (What I would expect). When I
access
> the same folder with WebDav, I can open the folder and list other folders
> within it (but no files).
> Clues?
>
> Jorge Henriquez
> Systems Analyst, Sr.
> Undergraduate Initiatives Technology Services
> Arizona State University
>
|
|
|
|
|