|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
Disable serverobjectHi,
Some of my users are using this function : set fso=server.createobject("scripting.filesystemobject") but I've seen that it can read directly in any file, so I just want to disable the library scripting in IIS but I don't know how. Thx HEGMS wrote on Wed, 8 Nov 2006 08:19:01 -0800:
> Hi, It can only read any file that the user account IIS is running under has > > Some of my users are using this function : > > set fso=server.createobject("scripting.filesystemobject") > > but I've seen that it can read directly in any file, so I just want to > disable the library scripting in IIS but I don't know how. > Thx permission to read. Just remove execute permissions to the scripting runtime DLL (normally c:\windows\system32\scrrun.dll) for the IIS anonymous user account, or stop giving full access to the anonymous account to all your files. Dan 
Other interesting topics
problem access iis 6
inhability to display http://localhost How do I make a local machine client certificate available to all users? NTLM Authentication on IIS 6.0 access to network file server through web server denied [IIS 5] Homemade cert and SSL _Address Server extension error SSL client-side certificate Security on my site. |
|||||||||||||||||||||||
