Re: IIS6 and CGI Upload
From: David Wang [Msft] (someone_at_online.microsoft.com)
Date: 04/20/04
- Next message: m7moad awad: "Re: Cannot use Request.Form collection after calling BinaryRead"
- Previous message: Sergy S: "IIS6 and CGI Upload"
- In reply to: Sergy S: "IIS6 and CGI Upload"
- Messages sorted by: [ date ] [ thread ]
Date: Tue, 20 Apr 2004 01:26:08 -0700
This sounds like a bug in your CGI. Please check that when your code
completes without crashing that no errors like "Access denied" was ignored
by your code. Also use FileMon from www.sysinternals.com to see if the file
operations by your code is actually succeeding.
We have tests that show a properly written CGI and ISAPI DLL is perfectly
able to write to locations that they are ACL'd to do so -- so you need to
prove:
1. What is the identity that is actually executing your script
2. What is the ACLs of the directory and file that the script is trying to
write to, and does the identity from #1 have permission to do so.
3. Is the right authentication type enabled (and is the browser
authenticating) to allow the identity in #1 to remotely log-on to IIS.
IIS4 and IIS5 ran as LocalSystem, so things tend to automagically work (as
well as easy to hack). IIS6 runs as an unprivileged user with almost no
write-permissions anywhere... so things tend to fail with "Access Denied".
Many things which accidentally worked on prior IIS versions are
intentionally broken for security reasons on IIS6, and the only resolution
is for you to change your scripts/configuration to be both functional and
secure.
-- //David IIS This posting is provided "AS IS" with no warranties, and confers no rights. // "Sergy S" <sergy@stouk.com> wrote in message news:140b01c42686$02d679e0$a601280a@phx.gbl... I have a cgi Perl Script which is properly configured and runs, however when upload is done through the script it does not write a file into a destination folder which was never a problem with IIS4 and IIS5. I made sure the permissions are correct and even test it by configuring the Web Server to run as an administrator account. Permissions on the folder are open for IUSR account and of course for Administrator to write to. If I set same script on IIS 5 it works properly. The Script is rather simplistic. I did a step-by-step debugging of where it fails and it seems that the script does not fail anywhere: - takes an parameter input from the user's form; - opens a new filehandle; - writes to a filehandle; - closes filehandle. When the above process is completed without errors - there is no file in place where filehandle was opened. Did I forget any configuration, required specifically on IIS6 or is this a known bug?
- Next message: m7moad awad: "Re: Cannot use Request.Form collection after calling BinaryRead"
- Previous message: Sergy S: "IIS6 and CGI Upload"
- In reply to: Sergy S: "IIS6 and CGI Upload"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
