I run a web hosting service and allow clients to host their web sites on our servers. Our IIS 5 server has the .NET Framework installed (1.1).
I wanted to know the concerns I should have when allowing clients to place .aspx and Delphi .DLLs on the server in their web folder? What damage can a combination of .aspx and Delphi .DLL do? If the web folder is on drive W, can a aspx/dll combo access files on drive C? Is there anything to stop such files from deleting files that do not belong to the customer or from retrieving data on another drive or another parent folder or Registry?