IHttpHandler - configuring IIS security

C

Chris Hughes

I have implemented a HTTP handler (IHttpHandler) for HTTP PUTs, and
have some concerns as to the security of the solution.

My initial tests suggest that write and execute permissions must both
be given to the virtual directory owning the HTTP handler. Add to this
that there are potentially many thousands of computers uploading to
this directory, and this poses a very large security hole. But without
both write and execute I haven't been able to configure a working
system.

Can someone please advise whether I need both write and execute
permissions, and if not what I am doing wrong.

Many thanks,
Chris Hughes
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

Forum statistics

Threads
473,744
Messages
2,569,482
Members
44,900
Latest member
Nell636132

Latest Threads

Top