Tutorials to .com

Tutorials to .com » Asp » Fso » Threat from the FSO to build a virtual host (a)

Threat from the FSO to build a virtual host (a)

Print View , by: iSee ,Total views: 10 ,Word Count: 769 ,Date: Thu, 16 Apr 2009 Time: 4:40 AM

Now the vast majority of the virtual host are disabled in the standard asp components: FileSystemObject, because the components for the ASP provides a powerful file system access, the server can be any file on your hard disk to read, write, copy, delete the name and other operations (of course, this means use the default settings in the Windows NT / 2000 can be done). However, after the prohibition of this component, the consequences arising from the use of this component is that all of the ASP will not be able to run, unable to meet customer needs.
How to allow the FileSystemObject component, without affecting the security of the server (ie: different Virtual Host users can not use other people to read and write the components of the document) does? Here I am in the experiment was a way to Windows 2000 Server below as an example to illustrate.
On the server to open Explorer, right-click each hard drive partition or volume, in the pop-up menu and select "Properties", select the "Security" tab, when you can see what account be able to access the partitions (volumes) and access rights. Default installation, there is the "Everyone" has full control permissions. Point "add" to "Administrators", "Backup Operators", "Power Users", "Users" group to add a few into, and to give "full control" or the appropriate authority, careful not to "Guests" group, "IUSR_ machine name" of any rights of these accounts. And then "Everyone" group to delete from the list, so that only authorized groups and users can access the hard disk partition, and the ASP implementation is based on "IUSR_ machine name" hard drive in his capacity as the visit here did not give the user account permissions, ASP can not read and write files on your hard disk.
To do is the following for each virtual host the user to set up a separate user account, and then give the distribution of each account to allow full control of a directory.
As shown below, open the "Computer Management" → "Local Users and Groups" → "user", in the right-hand column, click the right mouse button in the pop-up menu, select "new user":
<IMG SRC="http://202.100.116.12/paddy/bbsimages/fsosafe/001.gif" border=0>
In the pop-up "new user" dialog box in accordance with the actual need to enter "User Name", "full name", "description", "password", "Confirm Password", and "the next time you log when users change the password" removed before the step, select "User can not change password" and "Password Never Expires." In this case is the first virtual host to set up an anonymous user access to the built-in Internet Information Services Account "IUSR_VHOST1", namely: the use of all http://xxx.xxx.xxxx/ client access to this virtual host, are In this capacity, to visit. Input Upon completion point "to create" can be. Can be based on actual needs, to create multiple users, create a point after the "off":
<IMG SRC="http://202.100.116.12/paddy/bbsimages/fsosafe/002.gif" border=0>
Now the newly created user account appears in the list, and in the list, double-click the account in order to further set:
<IMG SRC="http://202.100.116.12/paddy/bbsimages/fsosafe/003.gif" border=0>
In the pop-up "IUSR_VHOST1" (that is, just create a new account) Properties dialog box midpoint "under the" tab:
<IMG SRC="http://202.100.116.12/paddy/bbsimages/fsosafe/004.gif" border=0>
Newly created account is the default "Users" group, select the group, point "delete":
<IMG SRC="http://202.100.116.12/paddy/bbsimages/fsosafe/005.gif" border=0>
Is now as follows, again at this time point "add":
<IMG SRC="http://202.100.116.12/paddy/bbsimages/fsosafe/006.gif" border=0>


ASP File System Object Articles


Can't Find What You're Looking For?


Rating: Not yet rated

Comments

No comments posted.