|
-
Aug 3rd, 2004, 12:40 AM
#1
Quick Q about permissions
Using ASP.NET, whenever I write to a file, I've had to set permissions on the file level.
For example, the other day, I was saving to an XML file, and I was getting the usually permission error, which went away after I set permissions for the NETWORK SERVICE process on it. (VS.NET 2003). I noticed that setting permissions on the containing folder had no effect.
My question is, what if I want to create a new file? Will I need to set permissions on the folder itself, or what?
Any info on permissions will be helpful.
-
Aug 3rd, 2004, 03:43 AM
#2
Fanatic Member
I think if you create a new file it will inherit the permisions from the user creating the file.
Me thinks at least.
-
Aug 3rd, 2004, 06:12 AM
#3
Aah, and indeed you are right.
I was trying to write an XML file, and despite giving it full 'permissions' under the sharing tab, it wasn't working.
That's when I saw the Security tab.
I guess that's how it works...
-
Aug 3rd, 2004, 06:13 AM
#4
Is it also possible to create the file without giving permissions on that folder? In other words, to somehow make it act, walk, talk and sneeze like the administrator account?
-
Aug 3rd, 2004, 10:35 AM
#5
Frenzied Member
No, I'm pretty sure all NTFS permissions have to be defined explicitly if not inherited from the parent.
What do you mean make it act like the admin account? I'm pretty sure you can't give a file any more access rights than the containing folder.
-
Aug 3rd, 2004, 11:03 AM
#6
I wonder how many charact
You know there's a whole boatload of security concepts that most of us probably would never really want to read about. I sure don't, but I'm beginning to realize I will need a book on .Net security, especially with IIS...
For the most part, if you need to create or write a file, I would give the ASP.NET account Modify permissions, because its the easiest way to do it.
A more stubborn nazi security guy would probably say I should attach a security principal to my code, giving it an explicit authentication, and the same on the folder (or file), so that other ASPNET processes couldn't change that folder's contents. Those permissions being handled by a <location> tag in the web.config..
But the help at MSDN is rather cryptic and doesn't provide enough example scenarios.
Last edited by nemaroller; Aug 3rd, 2004 at 11:07 AM.
-
Aug 4th, 2004, 04:26 AM
#7
Originally posted by nemaroller
You know there's a whole boatload of security concepts that most of us probably would never really want to read about. I sure don't, but I'm beginning to realize I will need a book on .Net security, especially with IIS...
For the most part, if you need to create or write a file, I would give the ASP.NET account Modify permissions, because its the easiest way to do it.
A more stubborn nazi security guy would probably say I should attach a security principal to my code, giving it an explicit authentication, and the same on the folder (or file), so that other ASPNET processes couldn't change that folder's contents. Those permissions being handled by a <location> tag in the web.config..
But the help at MSDN is rather cryptic and doesn't provide enough example scenarios.
I'll look into this and come around to it a month later.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
Click Here to Expand Forum to Full Width
|