WebApp Sec mailing list archives

RE: Control of cookies???

From: "Curt Purdy" <purdy () tecman com>
Date: Wed, 28 Jan 2004 10:58:50 -0600

marcelo wrote:

I need create
one method to authenticate my user, i dont know if cookie
control is a best solution but i need to arrest the user, ip
and cookie to control the user access, if the user is not
authenticated the user cannot see the documents.   Anyone can
help-me?   Sorry my english


The easiest way is with NTFS permissions.  Simply right-click on the folder,
go to security tab, uncheck "allow inheritable" and add the user you want to
give access to.  This propogates for all access including ftp.

Curt Purdy CISSP, GSEC, MCSE+I, CNE, CCDA
Information Security Engineer
DP Solutions

----------------------------------------

If you spend more on coffee than on IT security, you will be hacked.
What's more, you deserve to be hacked.
-- White House cybersecurity adviser Richard Clarke

Current thread:

Control of cookies??? Marcelo Caffaro (Jan 28)
- Re: Control of cookies??? Erik Kangas (Jan 28)
- Re: Control of cookies??? Christian Schneemann (Jan 28)
- RE: Control of cookies??? Curt Purdy (Jan 28)
- <Possible follow-ups>
- Re: Control of cookies??? m . delibero (Jan 28)