Re: NTFS rights not honored
From: Norman Rasmussen (nrasmussen_at_openboxsoftware.com)
Date: 12/17/03
- Next message: Brian: "Help! FileUploading, Windows 2000 permissions, and the ASP.NET account"
- Previous message: Norman Rasmussen: "Re: Setting Principal for HttpWorkerRequest"
- In reply to: Pål Andreassen: "Re: NTFS rights not honored"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 17 Dec 2003 14:51:12 +0200
> Since I've got impersonation on in web.config I though the request would
be run as the actual logged in user, and not ASPNET.
Yes, I think is what is happening for you.
> The problem is that everyone can see every file and folder, even though
NTFS does not permit them
There is a difference between being able to _see_ the file in a directory
listing and actually being able to read it. Can if you can't read the file
you can see it! You will need to check whether you can actually read the
file before showing it in the list to the user.
- Next message: Brian: "Help! FileUploading, Windows 2000 permissions, and the ASP.NET account"
- Previous message: Norman Rasmussen: "Re: Setting Principal for HttpWorkerRequest"
- In reply to: Pål Andreassen: "Re: NTFS rights not honored"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
