Construction of a threat to the virtual host from the FSO (c)
<IMG SRC="http://126.96.36.199/paddy/bbsimages/fsosafe/012.gif" border=0>
At this time the Security tab of all groups and users will be empty (if not empty, use the "delete" to clear), then "Add" button.
<IMG SRC="http://188.8.131.52/paddy/bbsimages/fsosafe/013.gif" border=0>
As indicated in the figures of the "Administrator" and in front of the new account created "IUSR_VHOST1" added, will be given complete control of the authority, according to actual needs can also add other groups or users, but certainly not to "Guests" group , "IUSR_ machine name" anonymous access account of these add up!
<IMG SRC="http://184.108.40.206/paddy/bbsimages/fsosafe/014.gif" border=0>
Then switch to the open front of the "first Virtual Host Properties" dialog box, open the "Directory Security" tab, anonymous access and authentication point control "edit":
<IMG SRC="http://220.127.116.11/paddy/bbsimages/fsosafe/015.gif" border=0>
In the pop-up "test method" on the box (shown below), point "edit":
<IMG SRC="http://18.104.22.168/paddy/bbsimages/fsosafe/016.gif" border=0>
Pop-up the "anonymous user account", the default is "IUSR_ machine name" points "browser":
<IMG SRC="http://22.214.171.124/paddy/bbsimages/fsosafe/017.gif" border=0>
In the "Select User" dialog box found in front of the new account created "IUSR_VHOST1", double-click:
<IMG SRC="http://126.96.36.199/paddy/bbsimages/fsosafe/018.gif" border=0>
Anonymous user name at this time to come on, and in the password box in front of the creation, the password for the account settings:
<IMG SRC="http://188.8.131.52/paddy/bbsimages/fsosafe/019.gif" border=0>
Password again to confirm:
<IMG SRC="http://184.108.40.206/paddy/bbsimages/fsosafe/020.gif" border=0>
OK, completed, determined to close the dialog box.
After this setting, the "first virtual host" user, the use of ASP's FileSystemObject component can only access its own directory: F: \ VHOST1 under the content, when trying to access other content, there will be such as "no permission" "Hard Disk not ready", "500 internal server error" error, such as a prompt.
Another: If the user needs to read the hard drive partition hard drive capacity and serial number, it will make such a set can not be read. If you want to be allowed to read these and the entire contents of the partition, right-click the hard disk partitions (volumes), select "Properties" → "security", the user's account will be added to the list, and at least "Read" permissions. Due to the volume have been under the subdirectory is set to "prohibit inheritable permissions from parent to propagate to this object", so will not affect the authority of the following set of subdirectories.
ASP File System Object Articles
- Automatically generated using the function n layer directory
- A simple analysis of the HTML virus
- Collection of commonly used functions of Oracle
- Commonly used ASP function
- FSO to obtain the image file with the information (size, width, height)
- Using XML + FSO + JS to achieve server-side file
- Principles of secondary domain names, as well as procedures
- Image files using FSO to obtain information
- ASP, FSO directory traversal and file directory
- No template, only ASP + FSO to generate static HTML pages of a method
- FSO read TXT file
- The power of FSO
- FSO to open
- Page How do I know the actual size of the image?
- FSO object of ASP in IIS WEB server data security threats and countermeasures
- Threat from the FSO to build a virtual host (a)
- Construction of a threat to the virtual host from the FSO (b)
- Construction of a threat to the virtual host from the FSO (c)
- Traversal function to sort files
- asp commonly used in document processing function
Can't Find What You're Looking For?
Rating: Not yet rated