View Full Version : IIS 6 Glitch

08-24-2005, 12:49 PM
hey..my friend just discovered someting very disturbing
while viewing a word document on an iis server he could save the file on the server
once saved he could actually browse around on the account delete, upload, rename
anything he really wanted
he tried it on mine and it worked also
not by ftp !
just straight IIS account i guess

in iis i disabled write
but doesnt that mean php, asp scripts cannot write or create files?

08-31-2005, 04:25 PM
You can control permissions for different files and directories in the IIS Server manager in WS2k3. Depending on how you have it set up, you can allow php / asp scripts to write to files in certain directories as long as they have permission to do so, or are being authenticed as a certain user with certain permissions.