Your location:Tech News>OS>Windows Sever>FSO solution in Win2000 server

Latest News

FSO solution in Win2000 server



When ASP is executed it accesses the hard disk as 'IUSR_machine name'. The user account is not given here Permission ASP cannot read and write files on the hard disk.

Solution: Open the Explorer on the server right-click the directory where the asp file is located or the hard disk partition select 'Properties' and select 'Security' \u0026rdquo; tab you can now see which accounts can access this directory partition (volume) and access permissions. After the default installation it appears that 'Everyone' has full control permissions. Click \u0026ldquo;Add\u0026rdquo; to give \u0026ldquo;IUSR_machine name\u0026rdquo; to \u0026ldquo;full control\u0026rdquo; or corresponding permissions.

This has certain security risks because the permission to read and write files can be obtained through fso which is easy to be used by hackers. Here is one method.

We know that in addition to the CreateObject method you can also use general annotations to create a component. We can use HTML in ASP

Runat means it is executed on the server side and Scope means the life cycle of the component. You can choose Session Application or page (it means the current page or default)

We can also disable this component by modifying the value of Clsid such as changing the value of HKEY_CLASSES_ROOT\\Scripting.FileSystemObject\\CLSID in the registry 0D43FE01- F093-11CF-8940-00A0C9054228 to 0D43FE01-F093-11CF- 8940-00A0C9054229 (change the last one) this time the wording is:


Look at the running result no problem OK. At this time we use CF-8940-00A0C9054228\u0026quot;\u0026gt; and an error occurs.

Create a new user: iusr_domain

Set the anonymous user IUSR_DOMAIN of the corresponding site in IIS

CACLS: Set directory permissions

This way FSO is available but it will not affect others


Limit users to use FileSystemObject objects. An extreme approach is to completely unregister the component that provides the FileSystemObject object that is Scrrun.dll. The specific method is as follows:

Type in the MS-DOS state:

Regsvr32 /uc:\\ windows\\system\\scrrun.dll

(Note: In actual operation you must change to your local actual path)

?Win2000 server security setting skills-Computer Knowledge Network

Recommend article

Relate article