RE: Outlook Web Access security
From: brett hill, IIS MVP iistraining.com (iistraining.com_at_discussions.microsoft.com)
Date: 12/28/04
- Next message: dylan: "Re: Outlook Web Access security"
- Previous message: Gilgamesh4Ever: "IIS and out-of-process issue"
- In reply to: dylan: "Outlook Web Access security"
- Next in thread: dylan: "Re: Outlook Web Access security"
- Reply: dylan: "Re: Outlook Web Access security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 28 Dec 2004 09:51:03 -0800
The baseline analyzer makes the suggestion you disable parent paths, but like
most security configurations, it is a suggestion, not a directive. OWA may
require parent paths and it sounds like it does. The lockdown tool is not
involved in this so there is no need to undo what it has done. Simply do what
you can that the baseline analyzer suggests, but do not disable parent paths
if it is required by your application. Many, many applicaitons use parent
paths so it is commonly left enabled, but would be best if it was disabled
for security reasons.
- Next message: dylan: "Re: Outlook Web Access security"
- Previous message: Gilgamesh4Ever: "IIS and out-of-process issue"
- In reply to: dylan: "Outlook Web Access security"
- Next in thread: dylan: "Re: Outlook Web Access security"
- Reply: dylan: "Re: Outlook Web Access security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
