Re: Secure upload page 2
From: Joe (anonymous_at_discussions.microsoft.com)
Date: 04/28/04
- Next message: Norman: "IIS 5 smtp server security"
- Previous message: Ken Schaefer: "Re: spy ware"
- In reply to: Roger Abell: "Re: Secure upload page 2"
- Next in thread: Joe: "Re: Secure upload page 2"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 28 Apr 2004 08:00:09 -0700
Thanks Roger I will give this a try
i have seen FP do some VERY strange things also
I would aggree. I will let you know
Most appreciated
Joe
>-----Original Message-----
>OK. There are a few things to take into account here.
>First, the FP browse account generally only has ability
>to read content files. So, it will not have a grant of
>write on the area to which the upload is attempting to
>save (unless it is one of the very few areas where FP
>places very loose permissions).
>So, two things to check. Suppose the upload is trying
>to save to some folder ./here/
>In the IIS mgmt interface, locate this ./here and r-click
>into its properties and there set none for application
>script/execute, and set write with a radio-check.
>Then, find the ./here folder in Explorer and set
permissions
>to modify for the IUSR_, the IWAM_, and the accounts
>that are supposed to be able to upload. This is overkill,
>but it should cover the bases regardless of the types of
>authentication you are supporting and the process
isolation
>setting of the web app.
>Also, if you have used IISlockdown make sure that there
>are not Deny Write settings on this ./here directory.
>If things are still not working the most simple thing is
to
>set an audit ACE in the NTFS permissions, for Failure
>Full, and make sure the the effective local policy will
>enable auditing of failures. I have seen FP do some
strange
>things, expecting account to have read at spots in the
root
>web, etc. but if you have not hand-tightended the NTFS
>permissions of the web content this should not come into
>play.
>--
>Roger Abell
>Microsoft MVP (Windows Server System: Security)
>MCSE (W2k3,W2k,Nt4) MCDBA
>"Joe" <anonymous@discussions.microsoft.com> wrote in
message
>news:517501c42c99$4db989c0$a301280a@phx.gbl...
>> Hello Roger
>>
>> I have created the subweb account as you have said to be
>> the simplest. But the same problem remains anyone with
FP
>> can enter the web the usr has to be an Author to submit
>> the file. I can't get aroung this unles you know a
better
>> way I am struggling here.
>>
>> https://animocracy.com/upload
>>
>> Should take you there. When you submit, the prompt is
back
>> asking for the user name and password
>> thanks guys
>> Joe
>
>
>.
>
- Next message: Norman: "IIS 5 smtp server security"
- Previous message: Ken Schaefer: "Re: spy ware"
- In reply to: Roger Abell: "Re: Secure upload page 2"
- Next in thread: Joe: "Re: Secure upload page 2"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
