Hi there,
I'm going to be using (anonymous) impersonation on my web site so everything
will run under IUSR. I'm a little confused about what end-users will be able
to do versus my app itself however. For instance, if I create a read-only
folder, my app (running under IUSR) can read it without issue. However, I
don't want end-users to be able to see it. Therefore, even if directory
browsing is turned off, is there any way for end-users to be able to read
what's in the folder since IUSR still has read permissions (or worse yet,
write to the folder if write permissions is also on). Thanks in advance.
I'm going to be using (anonymous) impersonation on my web site so everything
will run under IUSR. I'm a little confused about what end-users will be able
to do versus my app itself however. For instance, if I create a read-only
folder, my app (running under IUSR) can read it without issue. However, I
don't want end-users to be able to see it. Therefore, even if directory
browsing is turned off, is there any way for end-users to be able to read
what's in the folder since IUSR still has read permissions (or worse yet,
write to the folder if write permissions is also on). Thanks in advance.