473,809 Members | 2,826 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

Server Permission Settings

Hello,

I'm not sure if I'm in the right area. I have asp pages that call a
database and sometimes updates it. The pages are under the root the database
is in a db folder under the root. My server guy isn't too sure what the
permissions should be on the server to these folders (root & db). Can you
give me some general instructions for this? Or point me in the right
direction for the answer?

Thanks
Jul 22 '05
14 2219
Aaron Bertrand [SQL Server MVP] wrote:
I'm still not sure what you think "Full Control" grants IUSR that
read/write/modify does not, but okay.


It's similar to the difference between making a user an object owner (dbo)
and granting a user select/update/insert/delete permissions

"Full" grants the ability to modify permissions for the object. It is one
step down from object owner.
"Modify" grants only the ability to create/read/write/delete

Of course, the terminology varies depending on the OS.

Bob
--
Microsoft MVP -- ASP/ASP.NET
Please reply to the newsgroup. The email account listed in my From
header is my spam trap, so I don't check it very often. You will get a
quicker response by posting to the newsgroup.
Jul 22 '05 #11
> "Full" grants the ability to modify permissions for the object. It is one
step down from object owner.


YES! Now can someone please enlighten me as to how a malicious user will
(a) know that you granted IUSR_ this extra permission, and (b) how they will
take advantage of it.

FWIW, I typically grant Full Control because I'm a lazy ignoramus. After
all, it's checking one box as opposed to three.
Jul 22 '05 #12
Aaron Bertrand [SQL Server MVP] wrote:
"Full" grants the ability to modify permissions for the object. It
is one step down from object owner.
YES! Now can someone please enlighten me as to how a malicious user
will (a) know that you granted IUSR_ this extra permission, and


Obviously, unless he has physical/directory access to the machine, in which
case your goose is already cooked, he won't.
(b)
how they will take advantage of it.
No way that I can think of.

However, that does not invalidate the "least privilege" principle.
Neglecting it in one specific situation may make it easy to neglect it where
it really counts.

FWIW, I typically grant Full Control because I'm a lazy ignoramus.
After all, it's checking one box as opposed to three.


Again, it depends on the OS. On my machine, clicking Modify causes the lower
checkboxes to be checked. On older systems, yes, I remember having to check
multiple checkboxes.

And I will dispute that "lazy ignoramus" label.

Bob Barrows
--
Microsoft MVP -- ASP/ASP.NET
Please reply to the newsgroup. The email account listed in my From
header is my spam trap, so I don't check it very often. You will get a
quicker response by posting to the newsgroup.
Jul 22 '05 #13
"Aaron Bertrand [SQL Server MVP]" wrote in message
news:u$******** ******@TK2MSFTN GP12.phx.gbl...
:> "Full" grants the ability to modify permissions for the object. It is one
: > step down from object owner.
:
: YES! Now can someone please enlighten me as to how a malicious user will
: (a) know that you granted IUSR_ this extra permission, and (b) how they
will
: take advantage of it.

Well, then just give the anonymous user Full Rights to your entire web root
them. How will they know you granted the extra permission? After all, READ
rights are inclusive to Full Rights. Define "they". They the net user,
they the local user...?

: FWIW, I typically grant Full Control because I'm a lazy ignoramus. After
: all, it's checking one box as opposed to three.

I'm sorry to hear that. I may have to remove your pedestal. (O:=

--
Roland Hall
/* This information is distributed in the hope that it will be useful, but
without any warranty; without even the implied warranty of merchantability
or fitness for a particular purpose. */
Technet Script Center - http://www.microsoft.com/technet/scriptcenter/
WSH 5.6 Documentation - http://msdn.microsoft.com/downloads/list/webdev.asp
MSDN Library - http://msdn.microsoft.com/library/default.asp
Jul 22 '05 #14
"Jess" wrote in message
news:AF******** *************** ***********@mic rosoft.com...
: Thanks for the help.

While we differ slightly in our views, Aaron did direct you to a good
article to let you know you need at least modify rights on the folder
containing your database to solve your issue. Good luck to you.

--
Roland Hall
/* This information is distributed in the hope that it will be useful, but
without any warranty; without even the implied warranty of merchantability
or fitness for a particular purpose. */
Technet Script Center - http://www.microsoft.com/technet/scriptcenter/
WSH 5.6 Documentation - http://msdn.microsoft.com/downloads/list/webdev.asp
MSDN Library - http://msdn.microsoft.com/library/default.asp
Jul 22 '05 #15

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics
0
1176
IDE / Server file permission problem?
by: cigwork | last post by:
Using VS.NET 2K3 pro. My development environment is set up with project & source files on a network drive and until a recent server hardware failure followed by a restore/rebuild this worked very well. I now find that apps blows up with the FileIoPermission error when I try to run the app in either debug/release mode from the IDE or as a built .exe on the network drive. The first time I tried to run a project setup like this the IDE...
.NET Framework
1
2361
ATL Server and access to local drive
by: Leonid | last post by:
Hello I have VC++ .NET 2003 ATL Server project. In one of its method I need to write some information in a local txt file. This txt file and this ATL Server are on the same ‘C: \’ drive. When I tried it I just get ERROR_ACCESS_DENIED error from GetLastError function. What do I need to modify to let this ATL Server to write on local hard drive? Is it file’s access permission or ATL Server security settings Thanks a lot for hel ...
.NET Framework
5
449
Server Error in '/' Application.
by: Matthew Louden | last post by:
I have no idea what this run-time error about. Any ideas? I already change the web.config file for the attribute <customErrors mode="Off"/> but still not work. Server Error in '/' Application. Runtime Error Description: An application error occurred on the server. The current custom
ASP.NET
1
4901
Win2003 Server - Access to the path is denied
by: Jody Gelowitz | last post by:
We are having an issue in that when trying to read a file that is on Server2 from Server1 (through our ASP.NET project), we receive the error: Access to the path "\\Server2\MyShare\MyFile.tif" is denied. Here is the server setup that we have: Dev - Development Computer on WinXP Pro SP2 (IIS5), VS2003 developing under .NET Framework 1.1 Server1 - Web Server on Win2003 Server (IIS6) Server2 - File Server on Win2003 Server
ASP.NET
2
2562
ASPNET permission to to access SQL Server Express on localhost
by: William LaMartin | last post by:
in Visual Studio 2005 I have a what is now called in 2005 a web site that when run as a file base web connects fine to SQL Express running on the local machine. However, when I publish this web to a sub web of the default web in IIS on the local machine, and load the page that accesses SQL Server Express in the browser it produces a permission error for ASPNET. How do I grant ASPNET permission to SQL Server Express? I have read that I...
ASP.NET
17
5108
Server Unavailable - ASP.NET 2.0 on Windows XP
by: Jon B | last post by:
Hi All! I have a ASP.NET 2.0 site that works on the Windows 2000 Server. However, when I tried to view this site on my local Windows XP machine, I get "Server Unavailable". If I switch the Windows XP IIS back to ASP.NET 1.1 then I get the Configuration Error (which is understandable because I'm trying to run an ASP.NET 2 site with 1.1 framework). I can however view other ASP.NET 1.1 sites on my local Windows XP machine. It's only the...
ASP.NET
0
9029
Windows XP Server object, ASP 0178 (0x80070005) The call to Server.CreateObject failed while checking permissions.
by: Bronik | last post by:
I found the best solution to this problem What you need to do is go to event viewer - System Log. Look at the error it will look something like that The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {671E00F1-44C3-401E-9E33-8E5E585F26BE} to the user WK01SF78\IUSR_XXXXXX SID (S-1-5-21-2939499473-2795378169-3261179525-1005). This security permission can be modified...
ASP / Active Server Pages
9
3096
sql server 2005 tools configuration starts when I build a distribution project (VB 2005)
by: Alessandro | last post by:
When I build a setup project under vb2005, starts "Microsoft sql server 2005 Tool" showing "Please wait while windows configures Microsoft sql server 2005 tools" Then it stop with this message: Failure setting security rights on users account SQLServer2005NotificationServicesUser$M2 If I give the user administrator rights it does not happen and buid goes right. I I remove the user from administrators the message is showed again. I...
Visual Basic .NET
0
1130
Launching out-of-process COM server from Web Form
by: David St. Hilaire | last post by:
Hi, I'm having trouble creating a COM object in my ASP.NET Web Form. The COM object (IFoo) is in a DLL, but it creates another COM object (IBar) that is defined in an out-of-process COM server EXE. I added a reference to the object's DLL to my Web Form solution. I create the object with the line: FooClass foo = new FooClass();
ASP.NET
7
1773
writing permission on SQL server
by: eranby | last post by:
Hi, I connect the SQL server in my application using this code : ConnectionStringSettings settings = ConfigurationManager.ConnectionStrings; con = new SqlConnection(settings.ConnectionString); but I have no writing permission the database is for read only what should I do in order to add writing permission? thanks Eran
Microsoft SQL Server
0
9721
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look ! Part I. Meaning of...
General
0
10633
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed. This is as boiled down as I can make it. Here is my compilation command: g++-12 -std=c++20 -Wnarrowing bit_field.cpp Here is the code in...
C / C++
0
10376
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth. The Art of Business Website Design Your website is...
Online Marketing
1
10375
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
Windows Server
1
7651
isladogs
Access Europe - Using VBA to create a class based on a table - Wed 1 May
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules. He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms. Adolph will...
Microsoft Access / VBA
0
5548
Trying to create a lan-to-lan vpn between two differents networks
by: TSSRALBI | last post by:
Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols. I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
Networking - Hardware / Configuration
0
5686
Windows Forms - .Net 8.0
by: adsilva | last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
Visual Basic .NET
1
4331
transfer the data from one system to another through ip address
by: 6302768590 | last post by:
Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
C# / C Sharp
2
3860
muto222
How to add payments to a PHP MySQL app.
by: muto222 | last post by:
How can i add a mobile payment intergratation into php mysql website.
PHP

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes
How to Post and Respond on Bytes
How to Promote and Link on Bytes
How to increase your Ranking on Bytes
Become a Recognized Expert on Bytes
Feedback Welcomed! Contact Us