关于冰盾 | 使用条款 | 网站地图
 
IIS 6.0所需要的默认ACLs权限
IIS 6.0所需要的默认ACLs权限
作者:冰盾防火墙 网站:www.bingdun.com 日期:2008-04-03
 

IIS 6.0所需要的默认ACLs权限,即IIS6.0在运行时所必需的NTFS的硬盘权限列表;有了此列表,您可以在调试基于II6.0WEB服务器的安全设置时,参考此表适当设定,而不会出现因为您的ACLs权限配置不当而引起的网站无法访问,脚本运行不了,数据库无法连接等相关问题...

NTFS permissions
Directory UsersGroups Permissions
%windir%helpiishelpcommon Administrators Full control
%windir%helpiishelpcommon System Full control
%windir%helpiishelpcommon IIS_WPG Read
%windir%helpiishelpcommon Users (See Note 1.) Read, execute
%windir%IIS Temporary Compressed Files Administrators Full control
%windir%IIS Temporary Compressed Files System Full control
%windir%IIS Temporary Compressed Files IIS_WPG List, read, write
%windir%IIS Temporary Compressed Files Creator owner Full control
%windir%system32inetsrv Administrators Full control
%windir%system32inetsrv System Full control
%windir%system32inetsrv Users Read, execute
%windir%system32inetsrv*.vbs Administrators Full control
%windir%system32inetsrvASP compiled templates Administrators Full control
%windir%system32inetsrvASP compiled templates IIS_WPG Read
%windir%system32inetsrvHistory Administrators Full control
%windir%system32inetsrvHistory System Full control
%windir%system32Logfiles Administrators Full control
%windir%system32inetsrvmetaback Administrators Full control
%windir%system32inetsrvmetaback System Full control
InetpubAdminscripts Administrators Full control
Inetpubwwwroot (or content directories) Administrators Full control
Inetpubwwwroot (or content directories) System Full control
Inetpubwwwroot (or content directories) IIS_WPG Read, execute
Inetpubwwwroot (or content directories) IUSR_MachineName Read, execute
Inetpubwwwroot (or content directories) ASPNET (See Note 2.) Read, execute

Note 1 You must have permissions to this directory when you use Basic authentication or Integrated authentication and when custom errors are configured. For example, when error 401.1 occurs, the logged-on user sees the expected detailed custom error only if permissions to read the 4011.htm file have been granted to that user.

Note 2 By default, ASP.NET is used as the ASP.NET process identity in IIS 5.0 isolation mode. If ASP.NET is switched to IIS 5.0 isolation mode, ASP.NET must have access to the content areas. ASP.NET process isolation is detailed in IIS Help. For additional information, visit the following Microsoft Web site:

ASP.NET process isolation
http://www.microsoft.com/technet ... technet/prodtechnol
/windowsserver2003/proddocs/standard/aaconruntimeprocessisolation.asp

Registry permissions
Location UsersGroups Permissions
HKLMSystemCurrentControlSetServiceASP Administrators Full control
HKLMSystemCurrentControlSetServiceASP System Full control
HKLMSystemCurrentControlSetServiceASP IIS_WPG Read
HKLMSystemCurrentControlSetServiceHTTP Administrators Full control
HKLMSystemCurrentControlSetServiceHTTP System Full control
HKLMSystemCurrentControlSetServiceHTTP IIS_WPG Read
HKLMSystemCurrentControlSetServiceIISAdmin Administrators Full control
HKLMSystemCurrentControlSetServiceIISAdmin System Full control
HKLMSystemCurrentControlSetServiceIISAdmin IIS_WPG Read
HKLMSystemCurrentControlSetServicew3svc Administrators Full control
HKLMSystemCurrentControlSetServicew3svc System Full control
HKLMSystemCurrentControlSetServicew3svc IIS_WPG Rea
 
 
最新内容:
安装和升级冰盾防火墙需要注意的问题[2006-02-08]
购买冰盾抗DDOS防火墙的十大理由[2005-09-09]
研究显示3%的互联网通讯是DDOS攻击数据[2008-04-03]
如何判断遭到流量攻击[2008-04-01]
关于DDOS攻击的全面解析[2008-04-01]
石家庄电信机房被攻击 负责人称已经报警[2008-03-26]
相关内容:

合作伙伴: 黑基网 补天科技 威盾科技 站长下载 新飞金信 北京电信 ZOL应用下载
中华人民共和国增值电信业务经营许可证京ICP备14024464 公安备案号 京1081234 
版权所有©2003-2014 冰盾防火墙  www.BingDun.com 法律声明
总机:(010)51661195