FileSystemObject security

A

Andrew

Hi expert,

By using FileSystemObject, I want a specific user from the server to write
and delete folders, and not allow the IUSER_<server> to do that. Is it
possible? If yes, how I can do that? thanks

Andrew
 
R

Ray Costanzo [MVP]

Not with the FSO. You'd need to use something that can impersonate another
user on the server (or domain) that has permissions. I'd imagine that there
are components for this, but I'm not finding any.

Another option is to authenticate your users when they visit your site and
give them the NTFS permissions.

What is the ultimate goal here and/or the requirement for disallowing IUSR_
to modify directory contents?

Ray at home
 
A

Andrew

Ray Costanzo said:
Not with the FSO. You'd need to use something that can impersonate another
user on the server (or domain) that has permissions. I'd imagine that there
are components for this, but I'm not finding any.

Another option is to authenticate your users when they visit your site and
give them the NTFS permissions.

What is the ultimate goal here and/or the requirement for disallowing IUSR_
to modify directory contents?
Click to expand...

A security concern. I want the IUSER to access www only, but not other
folders.
thanks, anyway
 
R

Roland Hall

in message
: By using FileSystemObject, I want a specific user from the server to write
: and delete folders, and not allow the IUSER_<server> to do that. Is it
: possible? If yes, how I can do that? thanks

Yes but it depends on two things:

1. Anonymous access must be turned off on the path where you want
files/folders removed.
2. A different user account must have those privileges for the path and must
first connect to the web server on a restricted path (such as this) to get
the prompt to log on, if using Basic Security or Integrated where the user
is not part of that domain/workgroup, so the prompt will be given.
Integrated Security, in the same workgroup or domain will not prompt if the
user's credentials on the web server match the credentials they are logged
on with.

This scenario is generally restricted to Intranets but doesn't have to be.

--
Roland Hall
/* This information is distributed in the hope that it will be useful, but
without any warranty; without even the implied warranty of merchantability
or fitness for a particular purpose. */
Technet Script Center - http://www.microsoft.com/technet/scriptcenter/
WSH 5.6 Documentation - http://msdn.microsoft.com/downloads/list/webdev.asp
MSDN Library - http://msdn.microsoft.com/library/default.asp
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Reusing FileSystemObject Object 2
FileSystemObject question... 3
filesystemobject 7
FileSystemObject and asp 5
Seeking co-founders for my company. 3
Using FileSystemObject in VB.NET 2
FileSystemObject Question 4
filesystem security 4

Members online

Total: 91 (members: 3, guests: 88)
Robots: 445

Forum statistics

Threads
473,995
Messages
2,570,230
Members
46,819
Latest member
masterdaster

Latest Threads

Top