Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > ASP General > Using OpenTextFile when IUSR doesn't have Write permission

Reply
Thread Tools

Using OpenTextFile when IUSR doesn't have Write permission

 
 
Andyza
Guest
Posts: n/a
 
      09-30-2009
I'm using code similar to the code below to write to a text file on my
web server (IIS 6 & Win2k3).

strFileName = Server.Mappath("Test.txt")
Set objFSO = Server.CreateObject("Scripting.FileSystemObject")
Set objFile = objFSO.OpenTextFile(strFileName,8,True)
objFile.WriteLine "Hello World"
objFile.Close
Set objFile = nothing
Set objFSO = nothing

In order for thsi script to work the Internet Guest account (IUSR)
needs to have Write permissions. For obvious security reasons we don't
really want to allow this. Apart form giving IUSR write access, is
there any other way get the script to be able to write to the text
file?

Thanks
 
Reply With Quote
 
 
 
 
Bob Barrows
Guest
Posts: n/a
 
      09-30-2009
Andyza wrote:
> I'm using code similar to the code below to write to a text file on my
> web server (IIS 6 & Win2k3).
>
> strFileName = Server.Mappath("Test.txt")
> Set objFSO = Server.CreateObject("Scripting.FileSystemObject")
> Set objFile = objFSO.OpenTextFile(strFileName,8,True)
> objFile.WriteLine "Hello World"
> objFile.Close
> Set objFile = nothing
> Set objFSO = nothing
>
> In order for thsi script to work the Internet Guest account (IUSR)
> needs to have Write permissions. For obvious security reasons we don't
> really want to allow this. Apart form giving IUSR write access, is
> there any other way get the script to be able to write to the text
> file?
>

Cause the code to run under a different security context? In IIS, you
could do this by using impersonation. But the effect would be the same,
really. If you are doing this in ASP server-side code then the same
security hole would be opened. All you can really do is mitigate the
potential damage by only assigning Write permissions for a specific
folder.
--
HTH,
Bob Barrows


 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Allowing Write access without using IUSR AVB ASP General 2 09-14-2005 08:39 PM
Special Permission for IWAM or IUSR to run VBS File? Colin Steadman ASP General 1 04-07-2004 06:01 AM
FileSystemObject - OpenTextFile stucks Fie Fie Niles ASP General 3 03-04-2004 05:24 PM
OpenTextFile just hangs jwallison ASP General 2 02-26-2004 07:20 PM
OpenTextFile and logging JT ASP General 4 12-23-2003 05:52 PM



Advertisments