Re: IIS and FP 2002 security problem for shared hosting....

From: al (news@thispartisfake-13c.com)
Date: 08/28/02


From: "al" <news@thispartisfake-13c.com>
Date: Tue, 27 Aug 2002 18:00:39 -0700


Do a search on Google newsgroups for Network and Interactive FrontPage and
enjoy the rants.
I also just posted to this list a possible workaround.

--
al.NETisNOTsecureforsharedhosting
It's not my website it's me dammit!
"Agustin Chernitsky" <agustinchernitskyNOSPAM@hotmail.com> wrote in message
news:uWpYASKTCHA.2780@tkmsftngp09...
> Hi guys,
>
> I have the following situation in my server. These are the root folders for
> some sites:
>
> c:\www\siteA
> c:\www\siteB
> c:\www\siteC
>
> c:\www\siteA has the following users and perms:
>
> userA (RWDX)
> Administrators (F)
> System (F)
> IUSR_server(RX)
>
> The same for the rest, but with their corresponding users. Now, with this
> NTFS configuration, I created the sites and FTP access (FTP is shared on a
> single IP, so they access directly to their folders). Up to now, userA
> cannot access any other sites... So, this is quite secure.
>
> Now, if I install FP2002 on, for example site B, I get these perms:
>
> userB (RWDX)
> Administrators (F)
> System (F)
> INTERACTIVE (RX)
> NETWORK (RX)
> IUSR_server(RX)
>
> Now, with this FP, any user logged on through FP can access siteB contents
> (not erase them, but view them). From what I read, this is a FP bug of the
> INTERACTIVE group. Can anyone suggest a solution? Or any ideas if this kind
> of problem will be fixed by MS?
>
> Thanks!
>
> A.
>
>
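
As an added example (not part of the original thread), a PowerShell check that lists which site roots under c:\www carry Allow entries for INTERACTIVE or NETWORK, the two groups the quoted post shows appearing after the FP2002 install. It assumes each site root is a direct child of c:\www; the function name Find-BroadSiteAce is hypothetical.

```powershell
# Added example, not from the thread. Flags Allow ACEs granted to the
# INTERACTIVE and NETWORK well-known groups on each site root.
# Assumption: every hosted site is a direct child folder of C:\www.
# Find-BroadSiteAce is a hypothetical helper name.

function Find-BroadSiteAce {
    param(
        [string]$SitesRoot = 'C:\www'
    )

    # Well-known SIDs are matched instead of names so the check also works
    # on localized Windows installs.
    $broad = @{
        'S-1-5-4' = 'INTERACTIVE'
        'S-1-5-2' = 'NETWORK'
    }
    $sidType = [System.Security.Principal.SecurityIdentifier]

    foreach ($site in Get-ChildItem -LiteralPath $SitesRoot -Directory) {
        $acl = Get-Acl -LiteralPath $site.FullName
        # Explicit and inherited rules, identities returned as SIDs.
        foreach ($rule in $acl.GetAccessRules($true, $true, $sidType)) {
            $sid = $rule.IdentityReference.Value
            if ($rule.AccessControlType -eq 'Allow' -and $broad.ContainsKey($sid)) {
                [pscustomobject]@{
                    Site      = $site.Name
                    Group     = $broad[$sid]
                    Rights    = $rule.FileSystemRights
                    Inherited = $rule.IsInherited
                }
            }
        }
    }
}

# One row per matching ACE; an empty result means no site root grants
# access to either group.
Find-BroadSiteAce | Sort-Object Site, Group | Format-Table -AutoSize
```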

