Write access to web.config

A

Asim

What are the security risks to grant ASP.NET user write access to web.config?
I am working on a project in which I am required to update web.config at the
runtime, basically modifying access to different directories.

Any suggestion will be greatly appreciated.

Thanks
 
K

Ken Cox [Microsoft MVP]

Hi Asim,

There are certainly serious security risks in doing this. You might want to
consider storing the configuration information in some other place like a
database rather than the web.config.

I'd also worry about performance problems because whenever you change the
web.config, the Web application resets and will want to recompile.

Ken
 
P

Patrick Olurotimi Ige

Asim..
I don't advice updating or modifying web.config files at anytime UNLESS
u need to do so..
GDLUCK
Patrick
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Write access to web.config 0
How to write a program whose input various information of the companies 3
Allowing group access to encrypted web.config 0
Need tips on adding an auth layer to an existing webapp 1
Want to host websites that I will probably be the only user from home. Sacrilege, I know, but it has always been a dream of mine. Where do I start? 2
web.config access problem 1
[C Language] Need help transferring Linux CodeBlocks Project to Windows CodeBlocks Project 1
Web Service & Web.Config 1

Members online

No members online now.
Total: 57 (members: 1, guests: 56)
Robots: 298

Forum statistics

Threads
473,996
Messages
2,570,237
Members
46,825
Latest member
VernonQuy6

Latest Threads

Top