Solved

Limit ASP access to files from other sites.

Posted on 2004-04-07
2
159 Views
Last Modified: 2013-12-04
I have a security problem on the server I am setting up.

I have a number of different sites running in IIS 5.0 placed in different directories:

e:\home\aaa
e:\home\bbb

etc.

The problem is that the asp files running in site aaa (f:\home\aaa) can access the files and databases in f:\files\bbb using af fileSystemObject.


How can this be avoided?

A explanation of the security issues involved will be greatly appreciated.
0
Comment
Question by:lasseStaff
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
2 Comments
 
LVL 12

Accepted Solution

by:
trywaredk earned 300 total points
ID: 10773693
If you have a number of users with websites on your server, they can, in the default configuration, read each other's files with FileSystemObject. What if you want to prevent this happening? Here's how
http://rtfm.atrax.co.uk/infinitemonkeys/articles/iis/986.asp

Many Regards
Jorgen Malmgren
IT-Supervisor
Denmark

:o) Your brain is like a parachute. It works best when it's open
0
 
LVL 12

Expert Comment

by:trywaredk
ID: 10775792
:o) Glad I could help you - thank you for the points
0

Featured Post

Why You Need a DevOps Toolchain

IT needs to deliver services with more agility and velocity. IT must roll out application features and innovations faster to keep up with customer demands, which is where a DevOps toolchain steps in. View the infographic to see why you need a DevOps toolchain.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many people tend to confuse the function of a virus with the one of adware, this misunderstanding of the basic of what each software is and how it operates causes users and organizations to take the wrong security measures that would protect them ag…
Our Group Policy work started with Small Business Server in 2000. Microsoft gave us an excellent OU and GPO model in subsequent SBS editions that utilized WMI filters, OU linking, and VBS scripts. These are some of experiences plus our spending a lo…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question