Security Basics mailing list archives
RE: IIS 6 FTP
From: Sickle <sickle () videotron ca>
Date: Sat, 09 Oct 2004 01:20:08 -0500
1. Maybe you should try this : go to the Security tab of your root folder, click the button Advanced, activate the option "Reset permissions on all child objects and enable probagation of inheritable permissions" and click Ok, and Ok again. Before you do this, look if Users or Everyone or another group does not give other permissions to your users. Also, if the option "Allow inheritable permissions from parent to propagate..." in the Security tab of your root folder is activated, it's a good idea to deactivate this option and to choose to make a copy before doing any modification. You should not have to deny Write permission. 2. I don't know, sorry. -----Message d'origine----- De : Tyler, Grayling [mailto:ggtyler () foodlion com] Envoye : October 08, 2004 13:00 A : security-basics () securityfocus com Objet : IIS 6 FTP Couple of questions for the list. 1. I set up an non-isolation mode FTP site using a Virtual directory on the server. I configured permissions using two groups: Group NTFS settings FTP_Read Read & Execute, List Folder Contents, Read with Write set to Deny FTP_Write Modify, Read & Execute, List Folder Contents, Read and Write The FTP site is configured to allow read and write and anonymous access is turned off (basic authentication) When I log in as the user with Write permissions, it works as expected However, when I log in as the read only user, the user is allowed both read and write files. The only thing the account is limited from doing is writing over or deleting a file loaded by the Write FTP user. So what am I missing here? 2. Any one know how to turn off the FTP server identification string on IIS? Thanks all ************************************************************************** This electronic message may contain confidential or privileged information and is intended for the individual or entity named above. If you are not the intended recipient, be aware that any disclosure, copying, distribution or use of the contents of this information is prohibited. If you have received this electronic transmission in error, please notify the sender immediately by using the e-mail address or by telephone (704-633-8250). **************************************************************************
Current thread:
- IIS 6 FTP Tyler, Grayling (Oct 08)
- RE: IIS 6 FTP Sickle (Oct 12)
- <Possible follow-ups>
- RE: IIS 6 FTP Tyler, Grayling (Oct 13)