WebApp Sec mailing list archives
Re: IIS Security
From: Saqib Ali <docbook.xml () gmail com>
Date: Mon, 21 Nov 2005 07:49:03 -0800
The traversal attacks used in the past, required getting to the cmd.exe On 11/21/05, Schmidt, Albert E <AES () ola state md us> wrote:
If the default IIS account only has access to the root document, what is the harm of placing the root document on the same disk partition as the operating system? If the account does not have access to the operating system files.
-- In Peace, Saqib Ali http://www.xml-dev.com/blog/ Consensus is good, but informed dictatorship is better.
Current thread:
- IIS Security Schmidt, Albert E (Nov 21)
- Re: IIS Security Saqib Ali (Nov 21)
- Re: IIS Security Saqib Ali (Nov 21)
- <Possible follow-ups>
- RE: IIS Security Evans, Arian (Nov 21)