audit file location

David Thielen

Hi;

I am writing an audit file of actions taken on my website. This is an audit
trail, not a log file (I open it in append only mode and the user it is
running as does not have delete or overwrite permissions).

Where should I place this? I want a folder under the webapp folder that a
user cannot get to.
 
D

Dominick Baier [DevelopMentor]

i would place it outside of the web directory. this is sensitive data and
the further away the better.
 
D

Dominick Baier [DevelopMentor]

hi,

sure, App_Data (2.0) would be an equivalent...
1.1 does not have something comparable

But the further away from your web root the more secure - i think this was
your original question, right?
 
Y

Yuan Ren[MSFT]

Hi Dave,

Thanks for posting!

As Dominick suggested, you can just put the file into the App_Data folder.
Then, the user cannot access these sensitive files.

In addition, you can use NTFS permissions to prevent the unauthenticated
user from accessing the sensitive file.

Thanks for your understanding!

Regards,

Yuan Ren [MSFT]
Microsoft Online Support
 
D

David Thielen

Hi;

If further away is more secure, then that means both ASP's security and NTFS
security have holes in them, which is a scary thought.

App_Data seems like a logical place, and since the forms security database is
there, there's much worse at risk if a user can get to that directory...

--
thanks - dave
david_at_windward_dot_net
http://www.windwardreports.com
 
D

Dominick Baier [DevelopMentor]

i don't agree -

it is just that App_Data is a known directory - and if your application has
a programming error like directory traversal (e.g. by feeding insufficiently
validated input into a FileStream or something similar) - as an attacker,
the first thing i would try to do is to access the App_Data (especially as
aspnetdb.mdf is also a known filename) - it is not about flaws in ASP.NET
or NTFS - it is about flaws in YOUR code.

Think about it. exploiting a flaw in your code is much harder if you don't
know what you are looking for - and as you most often cannot put directories
into directory traversal attacks - putting those files even on a separate
hard disk/partition is even more secure.

just my 2cents.
 
D

Dominick Baier [DevelopMentor]

Think about it. exploiting a flaw in your code is much harder if you
don't know what you are looking for - and as you most often cannot put
directories into directory traversal attacks - putting those files
even on a separate hard disk/partition is even more secure.

wanted to say:

and as you most often cannot put drive letters into directory traversal attacks
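As an added example (not code posted in this thread), a C# helper that follows the placement Dominick recommends: the audit directory comes from configuration and must resolve to somewhere outside the web root, the file path is checked so it cannot escape that directory, and the file is opened append-only. The appSetting name "AuditDirectory", the file name "actions.audit" and the AuditTrail class are assumptions.

```csharp
using System;
using System.Configuration;
using System.IO;
using System.Web;

// Hypothetical helper for an ASP.NET (System.Web) application.
public static class AuditTrail
{
    // Canonicalises the configured directory and refuses one under the web root,
    // so the audit trail never sits in a URL-addressable or well-known folder.
    public static string ResolveAuditDirectory(string configuredDir, string webRoot)
    {
        string auditDir = Path.GetFullPath(configuredDir)
            .TrimEnd(Path.DirectorySeparatorChar) + Path.DirectorySeparatorChar;
        string root = Path.GetFullPath(webRoot)
            .TrimEnd(Path.DirectorySeparatorChar) + Path.DirectorySeparatorChar;
        if (auditDir.StartsWith(root, StringComparison.OrdinalIgnoreCase))
            throw new InvalidOperationException(
                "Audit directory must lie outside the web root: " + auditDir);
        return auditDir;
    }

    // Joins a bare file name onto the audit directory and rejects anything that
    // would resolve elsewhere (path separators, "..", or a drive-letter prefix).
    public static string SafeAuditPath(string auditDir, string fileName)
    {
        if (string.IsNullOrEmpty(fileName) || fileName != Path.GetFileName(fileName))
            throw new ArgumentException("Audit file name must be a bare file name.");
        string full = Path.GetFullPath(Path.Combine(auditDir, fileName));
        if (!full.StartsWith(auditDir, StringComparison.OrdinalIgnoreCase))
            throw new ArgumentException("Audit path escapes the audit directory.");
        return full;
    }

    // Appends one record. FileMode.Append only writes at the end of the file, so
    // the account the site runs under needs append/write but not delete rights.
    public static void Append(string message)
    {
        string configured = ConfigurationManager.AppSettings["AuditDirectory"]; // assumed key
        string auditDir = ResolveAuditDirectory(configured, HttpRuntime.AppDomainAppPath);
        string path = SafeAuditPath(auditDir, "actions.audit"); // assumed file name
        // Line breaks are stripped so one call cannot forge a second record.
        string record = message.Replace("\r", " ").Replace("\n", " ");
        using (var fs = new FileStream(path, FileMode.Append, FileAccess.Write, FileShare.Read))
        using (var w = new StreamWriter(fs))
        {
            w.WriteLine(DateTime.UtcNow.ToString("o") + "\t" + record);
        }
    }
}
```

The NTFS side that Yuan Ren mentions still has to be set separately: grant the application pool identity append/write on the audit directory and withhold delete and modify, otherwise FileMode.Append is only a convention the code follows, not a control the file system enforces.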