Re: IUSER "Write" Permissions? Pro or Con?

From: Jeff Cochran (jcochran.nospam@naplesgov.com)
Date: 01/22/03


From: jcochran.nospam@naplesgov.com (Jeff Cochran)
Date: Wed, 22 Jan 2003 13:21:27 GMT


>One of our database developers wants to allow anonymous web visitors the
>option of generating a downloadable output file from a webpage based
>database query. In order to do this, he has asked us to allow the web
>server's IUSER account to have write permissions for a specific directory
>under c:\inetpub\wwwroot. I'm hesitant to allow the ISUER account to have
>any write permissions even if restricted to a specific directory. However,
>before making any final decision, I thought I would bounce the idea off this
>group to see if my concerns are valid or not. I would appreciate any
>feedback pro or con to allowing IUSER to have these rights.

I'd be tempted to tell the developer to design the page correctly so
it streams the file to the client as a result of the query. But if
you must do this, place the folder outside the web strcuture, and only
allow access as an include to an ASP file in the web folders.

Jeff



Relevant Pages

  • Re: IUSER "Write" Permissions? Pro or Con?
    ... > One of our database developers wants to allow anonymous web visitors the ... > server's IUSER account to have write permissions for a specific directory ... > any write permissions even if restricted to a specific directory. ...
    (microsoft.public.inetserver.iis.security)
  • IUSER "Write" Permissions? Pro or Con?
    ... One of our database developers wants to allow anonymous web visitors the ... server's IUSER account to have write permissions for a specific directory ... any write permissions even if restricted to a specific directory. ...
    (microsoft.public.inetserver.iis.security)
  • Re: IUSER "Write" Permissions? Pro or Con?
    ... > One of our database developers wants to allow anonymous web visitors the ... > server's IUSER account to have write permissions for a specific directory ... > any write permissions even if restricted to a specific directory. ...
    (microsoft.public.inetserver.iis.security)