Monday, April 16, 2007
IIS 6.0 and other hidden options
I had thought that I had found the internet nirvana.
And it was in the form of:
ASPExecuteinMTA
This little gem reports to have all sorts of benefits for turning on. Statements like:
Your system will run significantly faster, and amazing technical descriptions like that.
However, what they don't tell you is when you run in this mode, you also loose the ability to login as credentialled users. You can still login, mind you, but any scripting you use will default to IIS's IWAM_USR account - which generally is given limited to no permissions other than reading the directory of the website you are hosting.
This is a good thing - because if you give the IWAM_USR account permissions to, um, let's say, write, or perhaps Full control -all sorts of security bad things can happen.
Like for instance being swarmed over by lovely, furry, fuzzy script kiddies and the like.
However, when you turn on the MTA switch, you will find that the FSO (or file scripting object) no longer functions because even if you login as "administrator" on the page that previously worked, it will now cause FSO to have security permissions of, IWAM_USR. And all sorts of things will happen.
Like for instance - "Directory does not exist" or "File not Found" - even when obviously the directories do exist, and the files are there.
I love microsoft....
And it was in the form of:
ASPExecuteinMTA
This little gem reports to have all sorts of benefits for turning on. Statements like:
Your system will run significantly faster, and amazing technical descriptions like that.
However, what they don't tell you is when you run in this mode, you also loose the ability to login as credentialled users. You can still login, mind you, but any scripting you use will default to IIS's IWAM_USR account - which generally is given limited to no permissions other than reading the directory of the website you are hosting.
This is a good thing - because if you give the IWAM_USR account permissions to, um, let's say, write, or perhaps Full control -all sorts of security bad things can happen.
Like for instance being swarmed over by lovely, furry, fuzzy script kiddies and the like.
However, when you turn on the MTA switch, you will find that the FSO (or file scripting object) no longer functions because even if you login as "administrator" on the page that previously worked, it will now cause FSO to have security permissions of, IWAM_USR. And all sorts of things will happen.
Like for instance - "Directory does not exist" or "File not Found" - even when obviously the directories do exist, and the files are there.
I love microsoft....
