Wrox Programmer Forums
ASP Pro Code Clinic As of Oct 5, 2005, this forum is now locked. No posts have been deleted. Please use "Classic ASP Professional" at: http://p2p.wrox.com/forum.asp?FORUM_ID=56 for discussions similar to the old ASP Pro Code Clinic or one of the other many remaining ASP and ASP.NET forums here.
Welcome to the p2p.wrox.com Forums.

You are currently viewing the ASP Pro Code Clinic section of the Wrox Programmer to Programmer discussions. This is a community of software programmers and website developers including Wrox book authors and readers. New member registration was closed in 2019. New posts were shut off and the site was archived into this static format as of October 1, 2020. If you require technical support for a Wrox book please contact http://hub.wiley.com
Old June 15th, 2004, 06:51 PM
Registered User
Join Date: Jun 2004
Posts: 9
Thanks: 0
Thanked 0 Times in 0 Posts
Default IIS 5 folder permissions

I have an ASP app that reads data files and creates pdf and text files on a win 2000 web server. I have the read/write permissions set for the folder being accessed on my development server. Now that I'm ready to publish my application to the web, my IT support person (who does the actual publishing of my files) has informed me that setting the read/write permissions for the necessary folders on the web server is to dangerous (security issues) and he won't do it. He wants me to find a way to set the user permissions on the fly, then remove them once the pdf files are written, or find some other method.

I can make a login page, however I haven't been able to find code examples of setting permissions. I'm not sure if this can be done, and if it can, would I do it in an asp script or write an activeX DLL. I'd like to avoid making user's create and save logon id's, I'd rather generate some session ID or something with code and then destroy it once the session is closed.

Finally, is this really a security issue? Does any of the WROX books have any good examples to help me do this? Anyone have any ideas?

Thanks for your help.

Old June 15th, 2004, 07:16 PM
Friend of Wrox
Join Date: Jun 2003
Posts: 2,480
Thanks: 0
Thanked 1 Time in 1 Post

IMO, as long as you read/write only thorugh your ASP application, it is not harm setting read/write permissions for those folders. Actually that is set only for the IUSR_yourMachine account, and that does no harm.

But you should be sure that you separate the folders that you use for creating text/pdf files from your other folders, so that permission is set only to these folders, not to the entire web app folder.

Hope that helps.

-Vijay G
Strive for Perfection
Old June 16th, 2004, 02:04 AM
Imar's Avatar
Wrox Author
Join Date: Jun 2003
Posts: 17,089
Thanks: 80
Thanked 1,576 Times in 1,552 Posts

Another possible solution is to generate the files in a folder outside the Web root, e.g. C:\MyGeneratedPDFs. This way, the system is allowed to create the files, but the "outside world" cannot access the writable folder.

Then in IIS, you can map a new read-only Virtual Directory to the folder, so your users can access the PDFs like /Downloads, for example.


Imar Spaanjaars
Everyone is unique, except for me.
Old June 17th, 2004, 01:07 PM
Registered User
Join Date: Jun 2004
Posts: 9
Thanks: 0
Thanked 0 Times in 0 Posts

Imar, that's a very good idea. I'll give it a try.

Similar Threads
Thread Thread Starter Forum Replies Last Post
Setting Folder Permissions lewdogg Classic ASP Components 0 June 28th, 2005 07:23 PM
Folder listing and permissions Tom Perro Classic ASP Professional 1 February 23rd, 2004 10:59 AM
How to set permissions on a shared folder adman Pro VB 6 1 February 19th, 2004 11:07 AM
Set permissions on a shared folder adman Beginning VB 6 2 February 12th, 2004 03:06 AM
How to manage NTFS folder access permissions Dmitriy Pro VB 6 0 August 7th, 2003 08:57 AM

Powered by vBulletin®
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
Copyright (c) 2020 John Wiley & Sons, Inc.