<div>
:o) Glad I could help you - thank you for the points
</div>


:o) Glad I could help you - thank you for the points

<div>
<div class="content wysiwyg-content">
I have a security problem on the server I am setting up.<br />
<br />
I have a number of different sites running in IIS 5.0 placed in different directories:<br />
<br />
e:\home\aaa<br />
e:\home\bbb<br />
<br />
etc.<br />
<br />
The problem is that the asp files running in site aaa (f:\home\aaa) can access the files and databases in f:\files\bbb using af fileSystemObject.<br />
<br />
<br />
How can this be avoided?<br />
<br />
A explanation of the security issues involved will be greatly appreciated.
</div>
</div>


I have a security problem on the server I am setting up.

I have a number of different sites running in IIS 5.0 placed in different directories:

e:\home\aaa
e:\home\bbb

etc.

The problem is that the asp files running in site aaa (f:\home\aaa) can access the files and databases in f:\files\bbb using af fileSystemObject.


How can this be avoided?

A explanation of the security issues involved will be greatly appreciated.

Limit ASP access to files from other sites.

Operating system security (OS security) is the process of ensuring OS integrity, confidentiality and availability. OS security refers to specified steps or measures used to protect the OS from threats, viruses, worms, malware or remote hacker intrusions. OS security encompasses all preventive-control techniques, which safeguard any computer assets capable of being stolen, edited or deleted if OS security is compromised, including authentication, passwords and threats to systems and programs.