Tutorials to .com

Tutorials to .com » Asp » Fso » Construction of a threat to the virtual host from the FSO (c)

Construction of a threat to the virtual host from the FSO (c)

Print View , by: iSee ,Total views: 14 ,Word Count: 543 ,Date: Thu, 16 Apr 2009 Time: 4:38 AM

Will pop up as follows the "security" warning point "delete":
<IMG SRC="http://202.100.116.12/paddy/bbsimages/fsosafe/012.gif" border=0>
At this time the Security tab of all groups and users will be empty (if not empty, use the "delete" to clear), then "Add" button.
<IMG SRC="http://202.100.116.12/paddy/bbsimages/fsosafe/013.gif" border=0>
As indicated in the figures of the "Administrator" and in front of the new account created "IUSR_VHOST1" added, will be given complete control of the authority, according to actual needs can also add other groups or users, but certainly not to "Guests" group , "IUSR_ machine name" anonymous access account of these add up!
<IMG SRC="http://202.100.116.12/paddy/bbsimages/fsosafe/014.gif" border=0>
Then switch to the open front of the "first Virtual Host Properties" dialog box, open the "Directory Security" tab, anonymous access and authentication point control "edit":
<IMG SRC="http://202.100.116.12/paddy/bbsimages/fsosafe/015.gif" border=0>
In the pop-up "test method" on the box (shown below), point "edit":
<IMG SRC="http://202.100.116.12/paddy/bbsimages/fsosafe/016.gif" border=0>
Pop-up the "anonymous user account", the default is "IUSR_ machine name" points "browser":
<IMG SRC="http://202.100.116.12/paddy/bbsimages/fsosafe/017.gif" border=0>
In the "Select User" dialog box found in front of the new account created "IUSR_VHOST1", double-click:
<IMG SRC="http://202.100.116.12/paddy/bbsimages/fsosafe/018.gif" border=0>
Anonymous user name at this time to come on, and in the password box in front of the creation, the password for the account settings:
<IMG SRC="http://202.100.116.12/paddy/bbsimages/fsosafe/019.gif" border=0>
Password again to confirm:
<IMG SRC="http://202.100.116.12/paddy/bbsimages/fsosafe/020.gif" border=0>
OK, completed, determined to close the dialog box.
After this setting, the "first virtual host" user, the use of ASP's FileSystemObject component can only access its own directory: F: \ VHOST1 under the content, when trying to access other content, there will be such as "no permission" "Hard Disk not ready", "500 internal server error" error, such as a prompt.
Another: If the user needs to read the hard drive partition hard drive capacity and serial number, it will make such a set can not be read. If you want to be allowed to read these and the entire contents of the partition, right-click the hard disk partitions (volumes), select "Properties" → "security", the user's account will be added to the list, and at least "Read" permissions. Due to the volume have been under the subdirectory is set to "prohibit inheritable permissions from parent to propagate to this object", so will not affect the authority of the following set of subdirectories.


ASP File System Object Articles


Can't Find What You're Looking For?


Rating: Not yet rated

Comments

No comments posted.