Sun ASP

Re: Sun ASP

On Fri, 19 Mar 2004 12:18:21 -0800, Paul Fournier <info@kog.ca> wrote:
[color=blue]
>Hello all,
>
>I have gone insane trying to get an answer from sun about their products
>but their forums lack regular activity. I'm hoping you kind folks might
>be able to help me. Here is my set-up
>
>windows 2000
>Apache 2.0.48 (running under a local account)
>sun 1 ASP (Chilisoft) 4.0.0
>
>Now I have everything working properly but the problem is that a script
>in a virtual host is able to use the FSO object to write outside of it's
>document root. Anyone have any idea on how I would go about restricting
>this? Unfortunately there is no admin interface on windows for
>Chilisoft and even the casp.cnfg file does not exists. I did cruise
>through the registry and tried to alter some values (EnableParentPa ths)
>there but to no effect.
>
>Any insight would be greatly appreciated.[/color]

You could likely fix this by switching to IIS. :)

Jeff

Re: Sun ASP

I'm seriously considering it and will start making some tests next week.
However, I would like to see if I can just get this issue fixed before
investing some money into a new system and OS.

Would you recommend Windows 2003 web server?

--
::Paul Fournier::
::Programmer/Analyst::
::Center for the Digital Arts::
::1455, boul. de Maisonneuve O., VA 03-1::
::Montreal, Quebec. H3G 1M8::
::Tel.848-2424 ext 4322, Cell.576-6451, Fax.848-4599::
"Jeff Cochran" <jcochran.nospa m@naplesgov.com > wrote in message
news:40715f53.1 95079970@msnews .microsoft.com. ..[color=blue]
> On Fri, 19 Mar 2004 12:18:21 -0800, Paul Fournier <info@kog.ca> wrote:
>[color=green]
> >Hello all,
> >
> >I have gone insane trying to get an answer from sun about their products
> >but their forums lack regular activity. I'm hoping you kind folks might
> >be able to help me. Here is my set-up
> >
> >windows 2000
> >Apache 2.0.48 (running under a local account)
> >sun 1 ASP (Chilisoft) 4.0.0
> >
> >Now I have everything working properly but the problem is that a script
> >in a virtual host is able to use the FSO object to write outside of it's
> >document root. Anyone have any idea on how I would go about restricting
> >this? Unfortunately there is no admin interface on windows for
> >Chilisoft and even the casp.cnfg file does not exists. I did cruise
> >through the registry and tried to alter some values (EnableParentPa ths)
> >there but to no effect.
> >
> >Any insight would be greatly appreciated.[/color]
>
> You could likely fix this by switching to IIS. :)
>
> Jeff[/color]

Re: Sun ASP

> Would you recommend Windows 2003 web server?

Hi,

I used COBALT RaQ4's, & 550's for almost five years, and eventually made the
jumop to Windows Server 2003. Absolutely amazing!!! Took a week or two to
get used to it, but there is no going back. I got my server from oneandone,
www.oneandone.com - costs me around £600 per year, and generates me around
£1500 per day - my site gets around 1000 heavy users a day, and I have 0
issues.

G.

Re: Sun ASP

> However, I would like to see if I can just get this issue fixed before[color=blue]
> investing some money into a new system and OS.[/color]

You already have Windows 2000 so you have IIS 5 already.

Have you tried restricting NTFS security so that the virtual hosts can only
access their own files? You will need to have a different windows user for
each virtual host (I have no idea how you would do this with Apache but it
would be an Appache setting, not a Sun ASP setting).

--
Mark Schupp
Head of Development
Integrity eLearning



"Paul Fournier" <foup@alcor.con cordia.ca> wrote in message
news:u1ZBZhfDEH A.2908@TK2MSFTN GP09.phx.gbl...[color=blue]
> I'm seriously considering it and will start making some tests next week.
> However, I would like to see if I can just get this issue fixed before
> investing some money into a new system and OS.
>
> Would you recommend Windows 2003 web server?
>
> --
> ::Paul Fournier::
> ::Programmer/Analyst::
> ::Center for the Digital Arts::
> ::1455, boul. de Maisonneuve O., VA 03-1::
> ::Montreal, Quebec. H3G 1M8::
> ::Tel.848-2424 ext 4322, Cell.576-6451, Fax.848-4599::
> "Jeff Cochran" <jcochran.nospa m@naplesgov.com > wrote in message
> news:40715f53.1 95079970@msnews .microsoft.com. ..[color=green]
> > On Fri, 19 Mar 2004 12:18:21 -0800, Paul Fournier <info@kog.ca> wrote:
> >[color=darkred]
> > >Hello all,
> > >
> > >I have gone insane trying to get an answer from sun about their[/color][/color][/color]
products[color=blue][color=green][color=darkred]
> > >but their forums lack regular activity. I'm hoping you kind folks might
> > >be able to help me. Here is my set-up
> > >
> > >windows 2000
> > >Apache 2.0.48 (running under a local account)
> > >sun 1 ASP (Chilisoft) 4.0.0
> > >
> > >Now I have everything working properly but the problem is that a script
> > >in a virtual host is able to use the FSO object to write outside of[/color][/color][/color]
it's[color=blue][color=green][color=darkred]
> > >document root. Anyone have any idea on how I would go about[/color][/color][/color]
restricting[color=blue][color=green][color=darkred]
> > >this? Unfortunately there is no admin interface on windows for
> > >Chilisoft and even the casp.cnfg file does not exists. I did cruise
> > >through the registry and tried to alter some values (EnableParentPa ths)
> > >there but to no effect.
> > >
> > >Any insight would be greatly appreciated.[/color]
> >
> > You could likely fix this by switching to IIS. :)
> >
> > Jeff[/color]
>
>[/color]

Re: Sun ASP

IIS comes with windows 200o does it not?

"Paul Fournier" <foup@alcor.con cordia.ca> wrote in message
news:u1ZBZhfDEH A.2908@TK2MSFTN GP09.phx.gbl...[color=blue]
> I'm seriously considering it and will start making some tests next week.
> However, I would like to see if I can just get this issue fixed before
> investing some money into a new system and OS.
>
> Would you recommend Windows 2003 web server?
>
> --
> ::Paul Fournier::
> ::Programmer/Analyst::
> ::Center for the Digital Arts::
> ::1455, boul. de Maisonneuve O., VA 03-1::
> ::Montreal, Quebec. H3G 1M8::
> ::Tel.848-2424 ext 4322, Cell.576-6451, Fax.848-4599::
> "Jeff Cochran" <jcochran.nospa m@naplesgov.com > wrote in message
> news:40715f53.1 95079970@msnews .microsoft.com. ..[color=green]
> > On Fri, 19 Mar 2004 12:18:21 -0800, Paul Fournier <info@kog.ca> wrote:
> >[color=darkred]
> > >Hello all,
> > >
> > >I have gone insane trying to get an answer from sun about their[/color][/color][/color]
products[color=blue][color=green][color=darkred]
> > >but their forums lack regular activity. I'm hoping you kind folks might
> > >be able to help me. Here is my set-up
> > >
> > >windows 2000
> > >Apache 2.0.48 (running under a local account)
> > >sun 1 ASP (Chilisoft) 4.0.0
> > >
> > >Now I have everything working properly but the problem is that a script
> > >in a virtual host is able to use the FSO object to write outside of[/color][/color][/color]
it's[color=blue][color=green][color=darkred]
> > >document root. Anyone have any idea on how I would go about[/color][/color][/color]
restricting[color=blue][color=green][color=darkred]
> > >this? Unfortunately there is no admin interface on windows for
> > >Chilisoft and even the casp.cnfg file does not exists. I did cruise
> > >through the registry and tried to alter some values (EnableParentPa ths)
> > >there but to no effect.
> > >
> > >Any insight would be greatly appreciated.[/color]
> >
> > You could likely fix this by switching to IIS. :)
> >
> > Jeff[/color]
>
>[/color]

Re: Sun ASP

Thanks for the input Mark, [ + 20 rp3 ], and G,

I am aware that IIS 5 is on win 2k but I was thinking that I should take
the opportunity to upgrade a bit. I also like to experiment on the exact
software I plan to roll out on. It avoids those "but it worked fine on the
other IIS server" type of surprises.

As for the apache suggestion I'm afraid that Apache only runs on a
single process/account. So whatever rights I give to one I have to give to
all. Not really workable.


Paul Fournier wrote:[color=blue]
> I'm seriously considering it and will start making some tests next
> week. However, I would like to see if I can just get this issue fixed
> before investing some money into a new system and OS.
>
> Would you recommend Windows 2003 web server?
>[color=green][color=darkred]
>>> Paul Fournier::
>>> Programmer/Analyst::
>>> Center for the Digital Arts::
>>> 1455, boul. de Maisonneuve O., VA 03-1::
>>> Montreal, Quebec. H3G 1M8::
>>> Tel.848-2424 ext 4322, Cell.576-6451, Fax.848-4599::[/color][/color]
> "Jeff Cochran" <jcochran.nospa m@naplesgov.com > wrote in message
> news:40715f53.1 95079970@msnews .microsoft.com. ..[color=green]
>> On Fri, 19 Mar 2004 12:18:21 -0800, Paul Fournier <info@kog.ca>
>> wrote:
>>[color=darkred]
>>> Hello all,
>>>
>>> I have gone insane trying to get an answer from sun about their
>>> products but their forums lack regular activity. I'm hoping you
>>> kind folks might be able to help me. Here is my set-up
>>>
>>> windows 2000
>>> Apache 2.0.48 (running under a local account)
>>> sun 1 ASP (Chilisoft) 4.0.0
>>>
>>> Now I have everything working properly but the problem is that a
>>> script in a virtual host is able to use the FSO object to write
>>> outside of it's document root. Anyone have any idea on how I would
>>> go about restricting this? Unfortunately there is no admin
>>> interface on windows for Chilisoft and even the casp.cnfg file does
>>> not exists. I did cruise through the registry and tried to alter
>>> some values (EnableParentPa ths) there but to no effect.
>>>
>>> Any insight would be greatly appreciated.[/color]
>>
>> You could likely fix this by switching to IIS. :)
>>
>> Jeff[/color][/color]