Virtual directories

Mark · May 7, 2004

Aside from a virtual directory sharing memory with other sites, are there
security issues caused by using virtual directories? I have a collegue that
claims that a hacker could screw around with your code by executing code for
one project (virtual directory 2) from a different virtual directory 1.

www.oursite.com/virtualdirectory1/virtualdirectory2/somepageinvirtualdirecto
ry2.aspx

True or false? Thanks in advance.

Mark

bruce barker · May 7, 2004

your friend is correct. because asp.net needs access to dll's any other vdir
(when it revert back to the asp.net account) has permission to read and
load web.config, and all the dll's.

if you switch to iis6.0, you can create application pools with seperate
asp.net accounts, so you can prevent one pool hacking another, but you will
have simular issues in the same pool.

-- bruce (sqlwork.com)

Virtual Directories	4	Apr 26, 2006
cookies across virtual directories	2	Jan 16, 2007
IIS - virtual directories	1	Dec 16, 2005
pycache directories	4	Jan 22, 2013
Server.Mappath and Virtual Directories	15	Mar 22, 2006
Virtual Directories	6	Oct 7, 2006
Web.Config inheritance with Virtual Directories	0	Aug 28, 2006
#include virtual	2	Jan 24, 2008

Virtual directories

Mark

bruce barker

Ask a Question

Similar Threads

Members online

Forum statistics

Latest Threads