Re: Server Setting to allow/disallow Uploads
- From: David Wang <w3.4you@xxxxxxxxx>
- Date: 23 May 2007 01:19:35 -0700
What you want to do is possible. But, the behavior you describe
completely depends on the server-side application you use. There is no
server setting to allow/disallow uploads.
IIS does not know about "FP developers", "anonymous users", nor
"download/upload". IIS only knows to execute code to generate a
response for every single request using some NT user token", and IIS
only executes code which either:
1. directly opens a file and sends it as is (Static File Handler)
2. loads a Win32 DLL and invokes HttpExtensionProc (ISAPI Handler)
3. launches a new process for CGI EXE (CGI Handler)
4. handles WebDAV commands
Controlling user delegation of permissions to write on the local
filesystem is certainly possible, but it all depends on how the server-
side application authenticates and authorizes access to functionality.
And all of that has very little to do with IIS - at the root of it
all, the server-side application just tells IIS to "use this NT user
token and execute this piece of my code".
In other words, the behavior you are asking for is closer to
provisioning web server access, which can be done with special
software for web servers. Generic web server is necessary for the
complete solution, but it is not that piece of software.
//David
http://w3-4u.blogspot.com
http://blogs.msdn.com/David.Wang
//
On May 22, 8:57 am, Vinnie L <Vinn...@xxxxxxxxxxxxxxxxxxxxxxxxx>
wrote:
I would've thought that someone from the FrontPage Client or FrontPage Server
Extens forum would be able to answer this because of the tight relationship
between the technologies but apparantly not.
Can someone in this forum address this?
BTW I tried the adjust the NTFS permissions of the anonymous user to no avail.
=========================================
Suggest you post this tot he Windows Server newsgroup, as it deal with IUSER
permissions.
--
==============================================
Thomas A. Rowe
Microsoft MVP - FrontPage
http://www.Ecom-Data.com
==============================================
"Vinnie L" <Vinn...@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:E19FF2CF-0E5B-41CE-BA9D-DC5E5016D00B@xxxxxxxxxxxxxxxx
How can we manage the ability to allow/disallow web developers to give the
ability to users to Write to files/directories. There has been discussions
around this issue where a FP developer has the setting to have Anonymous
Write to a file greyed out. The response was that that's the setting
determined by the hosting company. What setting is that on the server? Is is
a registry setting, a Administration Web setting? I can't seem to find it.
Any assistance will be greatly appreciated.
Thanks- Hide quoted text -
- Show quoted text -
.
- Follow-Ups:
- Re: Server Setting to allow/disallow Uploads
- From: Vinnie L
- Re: Server Setting to allow/disallow Uploads
- Prev by Date: Re: Is this normal behavior or an attack?
- Next by Date: Re: Server Setting to allow/disallow Uploads
- Previous by thread: Re: Is this normal behavior or an attack?
- Next by thread: Re: Server Setting to allow/disallow Uploads
- Index(es):
Relevant Pages
|
