"Steve Winter" <stevewinter001@hotmail.com> wrote in message
news:%23D9iN4jgFHA.3936@TK2MSFTNGP10.phx.gbl...
> Hi,
>
> We have a number of websites running on an IIS6 server all running under
> their own seperate Anonymous Web account and ASP.Net is configured to
> Impersonate this account for each site for file system security reasons.
> The problem comes however when one client needs to write files to their
> folders and we receive the following error:
>
> Server Error in '/' Application.
> --------------------------------------------------------------------------------
>
> Could not find a part of the path "c:\".
> Description: An unhandled exception occurred during the execution of the
> current web request. Please review the stack trace for more information
> about the error and where it originated in the code.
>
> Exception Details: System.IO.DirectoryNotFoundException: Could not find a
> part of the path "c:\".
>
> I can get around this error by adding read permissions for all folders
> from the drive root to the website directory ie. c:\ and c:\websites and
> c:\website1 but this means that the client is now able to read the
> complete file structure to their website which and other sites! Does
> anyone know of a way of resolving this security issue?
>
> Thanks - Steven
>

> OK, I think you might get what you want if you remove all
> impersonation (don't use <impersonate> in web.config) and then give
> the ASPNET user write access on the folder in question.
>
> Lars-Erik
>
> "Steve Winter" <stevewinter001@hotmail.com> wrote in message
> news:egW26vkgFHA.2852@TK2MSFTNGP15.phx.gbl...
>
>> Basically all I want to do is to make sure that the one website can
>> write to it's own folders but for some strange reason I'm getting
>> ACCESS DENIED errors (using FileMon to debug) for all directories
>> from the drive root to the website itself. I would have though that
>> just providing Write access to the relevant folder in the website
>> should be enough without having to give read access as well to all
>> folders up from the website to the drive root ?!
>>
>> "Lars-Erik Aabech" <larserik@newsgroup.nospam> wrote in message
>> news:O2AUKNkgFHA.3852@TK2MSFTNGP10.phx.gbl...
>>
>>> Hi!
>>>
>>> I'm sure you have your reasons for impersonating some other
>>> anonymous
>>> user than the default one...
>>> Can you configure the page that has to read something from C: to run
>>> under the privileges of a more privileged user?
>>> Check out the information here about configuring single pages:
>>> http://msdn.microsoft.com/library/en-us/cpgenref/html/gngrflocatione
>>> lement.asp?frame=true
>>> Here for impersonation:
>>> http://msdn.microsoft.com/library/en-us/cpgenref/html/gngrfIdentityS
>>> ection.asp?frame=true
>>> And here on how to put the password in secure storage:
>>> http://support.microsoft.com/default.aspx?scid=kb;en-us;329290
>>> HTH,
>>> Lars-Erik
>>> "Steve Winter" <stevewinter001@hotmail.com> wrote in message
>>> news:%23D9iN4jgFHA.3936@TK2MSFTNGP10.phx.gbl...
>>>
>>>> Hi,
>>>>
>>>> We have a number of websites running on an IIS6 server all running
>>>> under their own seperate Anonymous Web account and ASP.Net is
>>>> configured to Impersonate this account for each site for file
>>>> system security reasons. The problem comes however when one client
>>>> needs to write files to their folders and we receive the following
>>>> error:
>>>>
>>>> Server Error in '/' Application.
>>>> -------------------------------------------------------------------
>>>> -------------
>>>> Could not find a part of the path "c:\".
>>>> Description: An unhandled exception occurred during the execution
>>>> of the
>>>> current web request. Please review the stack trace for more
>>>> information
>>>> about the error and where it originated in the code.
>>>> Exception Details: System.IO.DirectoryNotFoundException: Could not
>>>> find a part of the path "c:\".
>>>>
>>>> I can get around this error by adding read permissions for all
>>>> folders from the drive root to the website directory ie. c:\ and
>>>> c:\websites and c:\website1 but this means that the client is now
>>>> able to read the complete file structure to their website which and
>>>> other sites! Does anyone know of a way of resolving this security
>>>> issue?
>>>>
>>>> Thanks - Steven
>>>>

"Lars-Erik Aabech" <larserik@newsgroup.nospam> wrote in message
news:O2AUKNkgFHA.3852@TK2MSFTNGP10.phx.gbl...
> Hi!
>
> I'm sure you have your reasons for impersonating some other anonymous user
> than the default one...
> Can you configure the page that has to read something from C: to run under
> the privileges of a more privileged user?
> Check out the information here about configuring single pages:
> http://msdn.microsoft.com/library/en-us/cpgenref/html/gngrflocationelement.asp?frame=true
> Here for impersonation:
> http://msdn.microsoft.com/library/en-us/cpgenref/html/gngrfIdentitySection.asp?frame=true
> And here on how to put the password in secure storage:
> http://support.microsoft.com/default.aspx?scid=kb;en-us;329290
>
> HTH,
> Lars-Erik
>
> "Steve Winter" <stevewinter001@hotmail.com> wrote in message
> news:%23D9iN4jgFHA.3936@TK2MSFTNGP10.phx.gbl...
>> Hi,
>>
>> We have a number of websites running on an IIS6 server all running under
>> their own seperate Anonymous Web account and ASP.Net is configured to
>> Impersonate this account for each site for file system security reasons.
>> The problem comes however when one client needs to write files to their
>> folders and we receive the following error:
>>
>> Server Error in '/' Application.
>> --------------------------------------------------------------------------------
>>
>> Could not find a part of the path "c:\".
>> Description: An unhandled exception occurred during the execution of the
>> current web request. Please review the stack trace for more information
>> about the error and where it originated in the code.
>>
>> Exception Details: System.IO.DirectoryNotFoundException: Could not find a
>> part of the path "c:\".
>>
>> I can get around this error by adding read permissions for all folders
>> from the drive root to the website directory ie. c:\ and c:\websites and
>> c:\website1 but this means that the client is now able to read the
>> complete file structure to their website which and other sites! Does
>> anyone know of a way of resolving this security issue?
>>
>> Thanks - Steven
>>
>
>

"Steve Winter" <stevewinter001@hotmail.com> wrote in message
news:egW26vkgFHA.2852@TK2MSFTNGP15.phx.gbl...
> Basically all I want to do is to make sure that the one website can write
> to it's own folders but for some strange reason I'm getting ACCESS DENIED
> errors (using FileMon to debug) for all directories from the drive root to
> the website itself. I would have though that just providing Write access
> to the relevant folder in the website should be enough without having to
> give read access as well to all folders up from the website to the drive
> root ?!
>
>
>
> "Lars-Erik Aabech" <larserik@newsgroup.nospam> wrote in message
> news:O2AUKNkgFHA.3852@TK2MSFTNGP10.phx.gbl...
>> Hi!
>>
>> I'm sure you have your reasons for impersonating some other anonymous
>> user than the default one...
>> Can you configure the page that has to read something from C: to run
>> under the privileges of a more privileged user?
>> Check out the information here about configuring single pages:
>> http://msdn.microsoft.com/library/en-us/cpgenref/html/gngrflocationelement.asp?frame=true
>> Here for impersonation:
>> http://msdn.microsoft.com/library/en-us/cpgenref/html/gngrfIdentitySection.asp?frame=true
>> And here on how to put the password in secure storage:
>> http://support.microsoft.com/default.aspx?scid=kb;en-us;329290
>>
>> HTH,
>> Lars-Erik
>>
>> "Steve Winter" <stevewinter001@hotmail.com> wrote in message
>> news:%23D9iN4jgFHA.3936@TK2MSFTNGP10.phx.gbl...
>>> Hi,
>>>
>>> We have a number of websites running on an IIS6 server all running under
>>> their own seperate Anonymous Web account and ASP.Net is configured to
>>> Impersonate this account for each site for file system security reasons.
>>> The problem comes however when one client needs to write files to their
>>> folders and we receive the following error:
>>>
>>> Server Error in '/' Application.
>>> --------------------------------------------------------------------------------
>>>
>>> Could not find a part of the path "c:\".
>>> Description: An unhandled exception occurred during the execution of the
>>> current web request. Please review the stack trace for more information
>>> about the error and where it originated in the code.
>>>
>>> Exception Details: System.IO.DirectoryNotFoundException: Could not find
>>> a part of the path "c:\".
>>>
>>> I can get around this error by adding read permissions for all folders
>>> from the drive root to the website directory ie. c:\ and c:\websites and
>>> c:\website1 but this means that the client is now able to read the
>>> complete file structure to their website which and other sites! Does
>>> anyone know of a way of resolving this security issue?
>>>
>>> Thanks - Steven
>>>
>>
>>
>
>