Results 1 to 2 of 2

Thread: Secure?

  1. #1
    Join Date
    Dec 1969

    Default Secure?

    I have a security question. I am currently running Win 2003 server.<BR><BR>I have a website that allows the user Everyone to Read/Write/Modify files. I do this because there is a database that gets updated and an image upload/delete function.<BR><BR>What am I opening myself up to as far as security goes? Can anyone perform a task not specifically used by my ASP pages that write/read/delete?

  2. #2
    Join Date
    Dec 1969

    Default RE: Secure?

    &#062; What am I opening myself up to as far as security goes? <BR><BR>assuming you mean you&#039;ve given the &#039;everyone&#039; group NTFS rights on it all, not a lot, though I&#039;ll lay odds that you have some XSS and SQL Injection holes in there, which means someone clever could inject code and basically rip your site apart from the inside. If they were motivated to do so, that is. <BR><BR>couldn&#039;t say for sure without seeing it.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts