Granting modify shouldn't be a problem as long as your code is the only
thing that can shuffle stuff around, and as long as the code doesn't have
any loopholes which would allow a malicious user to subvert your code for
their own purposes. One off the top of my head would be allowing arbitrary
input into your code which would allow a clued-in hacker to grab sensitive
files by moving them from a 'safe' location to a location within the root
folder. This is most commonly exploited via querystrings or form variables
which are not thoroughly checked by validation.

So you probably wouldn't be opening a security hole, but if one already
exists you could be widening it somewhat, though without a deeper knowledge
of your situation I can't say for sure. I generally grant modify unless I'm
specifically doing something with security as a higher priority.
--
Jason Brown
Microsoft GTSC, IIS
This posting is provided "AS IS" with no warranties, and confers no
rights.

"PWSkamp" <PWSkamp@discussions.microsoft.com> wrote in message
news:40410B89-41EB-4749-8579-EB658B47DF92@microsoft.com...
> In my ASP app, I want to use the File System Object's Movefile method to move
> files between directories on the ASP server. To avoid a permission denied
> error, I had to grant the app's root directory Modify permission (using the
> Security tab on the directory's Properties dialog).
>
> Before I promote this app into our production ASP server, I'd like to be
> sure I'm not opening up a security hole by granting the Modify permission at
> the root level. Is this a reasonably safe configuration? This app is not a
> financial or highly-secure application. A dedicated hacker could probably
> already hack our site, they just have little reason to do so.
>
> Thanks for any advice!
>
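
The kind of input validation the reply refers to, as an added example that is not part of the original thread: a file name taken from a querystring or form field is accepted only as a bare name and must still resolve inside fixed source and destination folders before MoveFile runs. The folder paths, function names and sample inputs are assumptions made for illustration.

```vbscript
Option Explicit

' Added example. BASE_IN / BASE_OUT are hypothetical folders; in an ASP page
' they would come from Server.MapPath and the name from Request.QueryString.
Const BASE_IN = "C:\inetpub\app\incoming"
Const BASE_OUT = "C:\inetpub\app\archive"

Dim fso
Set fso = CreateObject("Scripting.FileSystemObject")

' Returns the canonical path of userName inside baseDir, or "" if rejected.
Function ResolveInside(baseDir, userName)
    Dim root, full
    ResolveInside = ""
    If Len(userName) = 0 Or Len(userName) > 100 Then Exit Function
    ' Reject separators, drive/stream colons and parent references outright.
    If InStr(userName, "\") > 0 Or InStr(userName, "/") > 0 Then Exit Function
    If InStr(userName, ":") > 0 Or InStr(userName, "..") > 0 Then Exit Function
    root = fso.GetAbsolutePathName(baseDir)
    If Right(root, 1) <> "\" Then root = root & "\"
    ' Canonicalise, then confirm the result still sits under the base folder.
    full = fso.GetAbsolutePathName(fso.BuildPath(root, userName))
    If StrComp(Left(full, Len(root)), root, vbTextCompare) <> 0 Then Exit Function
    ResolveInside = full
End Function

' Moves only when both ends resolve inside their fixed folders.
Function MoveChecked(userName)
    Dim src, dst
    MoveChecked = False
    src = ResolveInside(BASE_IN, userName)
    dst = ResolveInside(BASE_OUT, userName)
    If src = "" Or dst = "" Then Exit Function
    If Not fso.FileExists(src) Or fso.FileExists(dst) Then Exit Function
    fso.MoveFile src, dst
    MoveChecked = True
End Function

' Constructed inputs: one plain name and several a validator must refuse.
Dim sample
For Each sample In Array("report.txt", "..\web.config", "C:\boot.ini", "a/b.txt", "")
    WScript.Echo "[" & sample & "] -> [" & ResolveInside(BASE_IN, sample) & "]"
Next
```

The demo loop uses WScript.Echo so the script runs under cscript; inside an ASP page the two functions stay the same and the loop is replaced by a call to MoveChecked with the request value.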