
ASP security model / file permissions to allow updating of a database

I am developing a small website using ASP scripts to format data retrieved
from an Access database. It will run on a Windows 2003 server supporting
FrontPage extensions 2002 hosted by the company 1&1 with only limited server
configuration via a web based control panel.

My query relates to the ASP security model and how it relates to FrontPage
options for setting file access on a database file. If you know of any
online documentation covering the following issues I would be grateful for
links to it.

For various reasons (session logging, synchronising data with a master
database etc) I need to be able to write data to the database file.
Essentially the problem is this: how do I make this possible without giving
public access to the database file?

The 1&1 control panel allows me to set Read/Write/Execute/Delete permissions
for "IUSR" (I assume to mean anonymous unauthenticated users) and "NETWORK"
users (I am not sure what this refers to yet).

So far the only way I have managed to write to the database file from an ASP
script is by using the control panel to set the following IUSR permissions
on the database file:

Read = true (cannot alter this)
Write = true
Execute = true
Delete = false

I understand that when an ASP script executes, it takes on a "security
context" corresponding to the user requesting the page. In my case, when an
anonymous user makes a request that needs to be logged to the database, for
example, the script that performs the logging has anonymous user
privileges. Therefore, for the write to the database to be successful, IUSR
write permissions must be allowed.

Of course, these permission settings have some undesirable side effects:

1 - With "Read = true" on the database file for anonymous users, anyone
can download the database file.
2 - With "Write = true" anonymous users could in theory directly alter
the database file, eg using telnet or some similar method.

I am not sure if this second point is true...
- What exactly do anonymous write permissions on a file/directory allow
to occur?
- I am not yet sure if the server is set up to ONLY accept HTTP GET and
POST commands from anonymous users but have contacted the hosting company
about this.

I may have found a solution to the above issues. As I am using FrontPage to
publish the site I may be able to take advantage of FP's file permission
settings by disallowing browsing by anonymous users for the directory
containing the database file.

What I need to know is whether my suggested solution to the problem really
prevents anonymous users from downloading/modifying my database file and how
would I test this?

I assume that I still have to allow IUSR read/write access to the database
file, given the ASP security issues mentioned above. (Are FP permissions
considered by the web server instead of or in conjunction with Windows file
permissions when deciding if access to a resource is to be allowed?)

To check my understanding of FP folder permissions...

- Allow files to be browsed - does this prevent downloading of files in
the folder as well as preventing folder contents from being viewed from ANY
HTTP client?
- Allow scripts to be run - does this refer to anonymous users being
allowed to view pages generated by scripts within the folder? Or does it
refer to scripts in other folders accessing files/data in the said folder?
- Allow programs to be run - this is probably not relevant to me and I
should probably disallow this option.

Also, I have read that you can create a "hidden" folder in FP just by giving
it a name beginning with an underscore. Would such a folder allow a script
to access/write to a database file? My tests seem to show that the _private
directory created by default in new FP webs does NOT allow scripts to write
to files.

Finally, is there any way within an ASP script to assume a more privileged
security context? For example, would using Server.Execute to call another
script containing the code to modify the database use a more privileged
security context?

Thanks for your help

Francesco Tirimo
fw***@gmx.co.uk
Jul 19 '05 #1
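One way to do what the post asks, as an added example that is not code from the original post, from 1&1 or from FrontPage: the logging script still runs under the anonymous account, so IUSR keeps read/write on the file, but the .mdb is kept in a folder the web server does not publish, so there is no URL through which it can be downloaded or overwritten. The path D:\sites\example\data\site.mdb, the AccessLog table and its columns are assumptions; on shared hosting the unpublished folder is whatever the control panel offers outside the web root.

```vbscript
<%@ Language="VBScript" %>
<% Option Explicit %>
<%
' Added example, not from the original post: log one request to an Access
' database that sits OUTSIDE the web-published tree.
'
' Assumptions (hypothetical names):
'   DB_PATH   - a folder IIS does not publish, so the file has no URL
'   AccessLog - table with LoggedAt (Date/Time), RemoteAddr (Text 45)
'               and Page (Text 255)
'
' Whatever page calls it, the script runs as the anonymous account
' (IUSR_<machine>); Server.Execute does not change that. So IUSR needs NTFS
' read/write on site.mdb and write/delete on its folder, because Jet creates
' and removes a site.ldb lock file beside the database.
Const DB_PATH = "D:\sites\example\data\site.mdb"

' ADO constants normally supplied by adovbs.inc, spelled out so the page is
' self-contained.
Const adParamInput = 1
Const adDate = 7
Const adVarWChar = 202
Const adExecuteNoRecords = 128

Function OpenDb()
    Dim cn
    Set cn = Server.CreateObject("ADODB.Connection")
    cn.Open "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" & DB_PATH & ";"
    Set OpenDb = cn
End Function

' Insert one row through a parameterised command, so values taken from the
' request are never concatenated into SQL text. Left() keeps oversize input
' from raising an error instead of being logged.
Sub LogRequest(cn, remoteAddr, pagePath)
    Dim cmd
    Set cmd = Server.CreateObject("ADODB.Command")
    Set cmd.ActiveConnection = cn
    cmd.CommandText = "INSERT INTO AccessLog (LoggedAt, RemoteAddr, Page) VALUES (?, ?, ?)"
    cmd.Parameters.Append cmd.CreateParameter("LoggedAt", adDate, adParamInput, , Now())
    cmd.Parameters.Append cmd.CreateParameter("RemoteAddr", adVarWChar, adParamInput, 45, Left(remoteAddr, 45))
    cmd.Parameters.Append cmd.CreateParameter("Page", adVarWChar, adParamInput, 255, Left(pagePath, 255))
    cmd.Execute , , adExecuteNoRecords
End Sub

Dim cn
On Error Resume Next
Set cn = OpenDb()
If Err.Number <> 0 Then
    ' Typically a missing IUSR permission. Do not echo Err.Description to the
    ' visitor: it contains the database path.
    Response.Status = "500 Internal Server Error"
    Response.Write "Logging is unavailable."
    Response.End
End If
On Error GoTo 0

LogRequest cn, CStr(Request.ServerVariables("REMOTE_ADDR")), _
               CStr(Request.ServerVariables("SCRIPT_NAME"))
cn.Close
Set cn = Nothing
%>
```

With the file outside the published tree, the test the post asks for is a plain HTTP request: fetch the old URL of the .mdb (and of its folder) and expect 404 or 403, and check that a PUT to the same URL is refused as well. A file that is not under the published root has no URL to protect, and the NTFS rights granted to IUSR then only matter to the script.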
Maybe I'm totally missing the point here (it is quite a long post to read),
but why would you allow direct file access to your database in the first
place?
I can only sense trouble from allowing this.

I'm assuming you are using an Access DB here, but depending on how much you
want to be changing in that database, and what data is stored, I would
consider writing a number of ASP pages that can be used by privileged
users to make changes to the database.
If you want people to simply add/delete data in the DB, this is definitely
the way to go. If you are talking about DB model changes, that's something
else.

"Fran Tirimo" <fw***@gmx.co.uk> wrote in message
news:OP**************@TK2MSFTNGP12.phx.gbl...
I am developing a small website using ASP scripts to format data retrieved
from an Access database. It will run on a Windows 2003 server supporting
FrontPage extensions 2002 hosted by the company 1&1 with only limited server configuration via a web based control panel.

My query relates to the ASP security model and how it relates to FrontPage
options for setting file access on a database file. If you know of any
online documentation covering the following issues I would be grateful for
links to it.

For various reasons (session logging, synchronising data with a master
database etc) I need to be able to write data to the database file.
Essentially the problem is this: how do I make this possible without giving public access to the database file?

The 1&1 control panel allows me to set Read/Write/Execute/Delete permissions for "IUSR" (I assume to mean annoymous unauthenticated users) and "NETWORK" users (I am not sure what this refers to yet).

So far the only way I have managed to write to the database file from an ASP script is by using the control panel to set the following IUSR permissions
on the database file:

Read = true (cannot alter this)
Write = true
Execute = true
Delete = false

I understand that when as ASP script executes, it takes on a "security
context" corresponding to the user requesting the page. In my case, when an annonymous user makes a request that needs to be logged to the database for example, the script that performs the logging has annonymous user
privelages. Therefore for the write to the database to be successful, IUSR
write permissions must be allowed.

Of course, these permission settings have some undesireable side effects:

1 - With "Read = true" on the database file for annonymous users means
that anyone can download the database file.
2 - With "Write = true" annonymous users could in theory directly alter the database file eg using telnet or some similar method.

I am not sure if this this second point is true...
- What exactly do annonymous write permissions on a file/directory allow to occur?
- I am not yet sure if the server is set up to ONLY accept HTTP GET and POST commands from annonymous users but have contacted the hosting company
about this.

I may have found a solution to the above issues. As I am using FrontPage to publish the site I may be able to take advantage of FP's file permission
settings by disallowing browsing by annonymous users for the directory
containg the database file.

What I need to know is whether my suggested solution to the problem really
prevents anonymous users from downloading/modifying my database file and how would I test this?

I assume that I still have to allow IUSR read/write access to the database
file, given the ASP security issues mentioned above. (Are FP permissions
considered by the web server instead of or in conjunction with Windows file permissions when deciding if access to a resource is to be allowed?)

To check my understanding of FP folder permissions...

- Allow files to be browsed - does this prevent downloading of files in the folder as well as preventing folder contents from being viewed from ANY HTTP client?
- Allow scripts to be run - does this refer to annonymous users being
allowed to view pages generated by scripts within the folder? Or does it
refer to scripts in other folders access files/data in the said folder?
- Allow prrograms to be run - this is probably not relevant to me and I should probably disallow this option.

Also, I have read that you can create a "hidden" folder in FP just by giving it a name beginning with an underscore. Would such a folder allow a script
to access/write to a dataqbase file? My tests seem to show that the _private directory created by default in new FP webs does NOT allow scripts to write to files.

Finally, is there any way within an ASP script to assume a more privileged
security context? For example, would using Sever.Execute to call another
script containg the code to modify the database use a more privileged
security context?

Thanks for your help

Francesco Tirimo
fw***@gmx.co.uk

Jul 19 '05 #2
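The reply above suggests ASP pages for privileged users instead of direct access to the file. As an added example (not the reply's code, and not from the original post), here is one such page: it refuses anyone without an admin flag set by a separate login page, accepts changes only through a POST that carries a per-session token, validates both fields, and updates through a parameterised command. Session("IsAdmin"), the Products table, the file name update_price.asp and the path to site.mdb are assumptions, and the database is assumed to sit in a folder the web server does not publish.

```vbscript
<%@ Language="VBScript" %>
<% Option Explicit %>
<%
' Added example, not from the reply above: an update page only a logged-in
' administrator can use, so the .mdb itself never needs to be reachable
' over HTTP.
'
' Assumptions (hypothetical): a separate login page has verified the
' administrator and set Session("IsAdmin") = True; table Products has
' columns ID (AutoNumber) and Price (Currency); DB_PATH is a folder the web
' server does not publish. Save the page as update_price.asp.
Const DB_PATH = "D:\sites\example\data\site.mdb"
Const adParamInput = 1
Const adInteger = 3
Const adCurrency = 6
Const adExecuteNoRecords = 128

' 1. Authorisation: anyone without the flag set at login gets nothing.
If Not (Session("IsAdmin") = True) Then
    Response.Status = "403 Forbidden"
    Response.Write "Not authorised."
    Response.End
End If

Function NewToken()
    ' Classic ASP has no cryptographic random source; a fresh GUID is the
    ' usual substitute for a per-session anti-forgery token. Left() drops
    ' the trailing nulls the Guid property returns.
    NewToken = Left(Server.CreateObject("Scriptlet.TypeLib").Guid, 38)
End Function

Sub ShowForm()
    Session("FormToken") = NewToken()
    Response.Write "<form method=""post"" action=""update_price.asp"">"
    Response.Write "<input type=""hidden"" name=""token"" value=""" & _
                   Server.HTMLEncode(Session("FormToken")) & """>"
    Response.Write "Product ID: <input name=""id""> Price: <input name=""price""> "
    Response.Write "<input type=""submit"" value=""Update""></form>"
End Sub

' Parameterised UPDATE; returns the number of rows changed (0 = no such ID).
Function UpdatePrice(productId, newPrice)
    Dim cn, cmd, affected
    Set cn = Server.CreateObject("ADODB.Connection")
    cn.Open "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" & DB_PATH & ";"
    Set cmd = Server.CreateObject("ADODB.Command")
    Set cmd.ActiveConnection = cn
    cmd.CommandText = "UPDATE Products SET Price = ? WHERE ID = ?"
    cmd.Parameters.Append cmd.CreateParameter("Price", adCurrency, adParamInput, , CCur(newPrice))
    cmd.Parameters.Append cmd.CreateParameter("ID", adInteger, adParamInput, , CLng(productId))
    cmd.Execute affected, , adExecuteNoRecords
    cn.Close
    UpdatePrice = affected
End Function

' 2. A GET only shows the form; changes happen on POST with a token issued
'    to this session, so a link or image tag on another site cannot make
'    the administrator's browser perform them.
If Request.ServerVariables("REQUEST_METHOD") <> "POST" Then
    ShowForm
    Response.End
End If

Dim token, id, price
token = CStr(Request.Form("token"))
If IsEmpty(Session("FormToken")) Or token <> Session("FormToken") Then
    Response.Status = "403 Forbidden"
    Response.Write "Form token missing or stale; reload the form."
    Response.End
End If
Session.Contents.Remove "FormToken"   ' single use

' 3. Validate before touching the database.
id = CStr(Request.Form("id"))
price = CStr(Request.Form("price"))
If Not IsNumeric(id) Or InStr(id, ".") > 0 Or Not IsNumeric(price) Then
    Response.Status = "400 Bad Request"
    Response.Write "ID must be a whole number and price a number."
    Response.End
End If

Dim rows
rows = UpdatePrice(id, price)
If rows = 0 Then
    Response.Write "No product with ID " & Server.HTMLEncode(id) & "."
Else
    Response.Write "Updated " & rows & " row(s)."
End If
%>
```

The page never needs the visitor to have any right on the .mdb beyond what the script itself exercises as IUSR; who may change data is decided by the session flag in the page, not by file permissions, which is the separation the reply is pointing at.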
Please do not multipost Fran. This is definitely a database-related question
so .asp.db was the perfect group in which to post it. Posting it here as
well did not increase your chances of getting an answer (most of us
subscribe to both groups). On the contrary, if somebody had taken his time
to answer it here, only to find that it was already resolved in the other
group, that person may have been annoyed enough to ignore any future posts
from you, thereby decreasing your chances of getting help in the future.

There are times when you will not be sure which group is most appropriate,
and you will want to post a question to both groups. In that situation, you
should use the cross-posting technique, rather than posting the same message
multiple times. To crosspost, put a semicolon-delimited* list of the
newsgroups to which you wish to post in the To: header of your post and post
it once. It, and any replies to it, will appear in all the newsgroups in
your list. So, if I reply in .asp.db, my reply will also appear here in
.asp.general.

* ... or whatever delimiter is recognized by your news client

Bob Barrows
--
Microsoft MVP -- ASP/ASP.NET
Please reply to the newsgroup. The email account listed in my From
header is my spam trap, so I don't check it very often. You will get a
quicker response by posting to the newsgroup.
Jul 19 '05 #3


