>> A question was posed on another mailing list that I'm on regarding
>> securing web directories from users on a shared IIS hosting machine.
>>
>> In CF Enterprise you can use sandbox security to keep CF scripts and
>> CFFILE and CFDIRECTORY confined to a user's own directory. Are there
>> any similar mechanisms in a shared ASP hosting environment to limit
ASP
>> scripts from doing directory listings or reading another site's
source
>> code?
>
>
>Yes and No. You ca have 2 types of Sandboxes, OS level and CF level
>Sandboxes. With OS level Sandboxes the CF Server upon receiving a
>request from the webserver finds the appropriate Sandbox username and
>logs on to the OS as that OS user. Then, while impersonating that OS
>user, it tries to execute the request. Naturally in a good setup of
ACLs
>this means security like the user actually logs in to the server and
>tries the request by hand.
>ASP works exactly the same as this model.
This I'm unclear on. That would mean that somewhere in IIS (or
somewhere else?) there's a place where you designate which NT user will
be used to execute ASP scripts? Is that just a part of setting up
"applications" in the IIS MMC? Otherwise, all ASP scipts are simply
executed as the anonymous user, if I'm not mistaken.
Jim
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
------------------------------------------------------------------------------
To unsubscribe, send a message to [EMAIL PROTECTED] with
'unsubscribe' in the body or visit the list page at www.houseoffusion.com
