Re: Disable serverobject

From: "Daniel Crichton" <msnews@xxxxxxxxxxxxxxxx>
Date: Wed, 8 Nov 2006 17:26:32 -0000

HEGMS wrote on Wed, 8 Nov 2006 08:19:01 -0800:

Hi,

Some of my users are using this function :

set fso=server.createobject("scripting.filesystemobject")

but I've seen that it can read directly in any file, so I just want to
disable the library scripting in IIS but I don't know how.
Thx

It can only read any file that the user account IIS is running under has
permission to read. Just remove execute permissions to the scripting runtime
DLL (normally c:\windows\system32\scrrun.dll) for the IIS anonymous user
account, or stop giving full access to the anonymous account to all your
files.

Dan

.

Prev by Date: Re: Webservice to an Out of process server
Next by Date: Re: NTLM Authentication on IIS 6.0
Previous by thread: Re: Webservice to an Out of process server
Next by thread: aspnet_isapi.dll security limit access to all but 1 file
Index(es):
- Date
- Thread

Relevant Pages

RE: SOME Users cannot access OWA others do, error HTTP 500
... I understand that some account access OWA ... IIS 6.0 compression corruption causes access violations ... compressed copy of the affected files on the SBS server: ...
(microsoft.public.windows.server.sbs)
Re: Basic Authentication fails with Error 401.2 where Integrated s
... On the IIS directory security tab, anonymous access is disabled, digest ... authentication is disabled, integrated authentication is disabled and basic ... account created has full permissions for the folder and the file that's in it. ...
(microsoft.public.inetserver.iis.security)
Re: IIS 6 ASP: Which Process Identity Is It Using? App Pool or Anon?
... But isn't the COM object running under the ... The COM object can be running under the impersonated account, ... example, even if IIS launched the COM object with the impersonated user, the ... It will now be using "TestService" identity. ...
(microsoft.public.inetserver.iis)
Re: Virtual Directory - Permission Denied with fso CopyFile
... TestUser (normal user account with same credentials on all machines). ... I logged into the IIS server as vdirUser and simply typed ... open and I had read and write permissions to the share. ... I logged off and back into the IIS server as the administrator and deleted ...
(microsoft.public.inetserver.iis)
Re: Digest Authentication
... It sounds like IIS is having problems impersonating the IUSR account, ... In IIS, you do not need Script Source or Write permissions unless you ... But the Digest authentication for windows domain is ...
(microsoft.public.inetserver.iis)