Last post Jun 25, 2006 10:17 PM by OWScott
Jun 24, 2006 12:14 PM|ashaig|LINK
Jun 25, 2006 10:17 PM|OWScott|LINK
If you're dealing with FrontPage extensions or WebDAV then be careful with write permissions on disk. Otherwise if you don't have any uncommon doorways open, you're probably ok with write permissions on disk for just the necessary user.
There are two potential users that could be used in IIS6 to write to disk. One is the application pool user (NETWORK SERVICE by default) and the other is the anonymous user (IUSER_Machinename by default) [or authenticated user if you are using windows auth].
It depends on the technology which of those two users are used. ASP, ASP.NET, CGI, etc could utilize either of them.
If you use filemon, www.sysinternals.com you can find out for sure. Then just give the one user r/w permissions and you should be set.