Last post May 04, 2015 09:23 PM by Li Wang
Apr 30, 2015 12:03 AM|dch3|LINK
I'm working on a User Control that will read the contents of the folder which contains the database backups. The UC is intended for myself and two other persons as a means to check that the backups ran. The database is a SQL Express database and thus SQL
Server Agent isnt' available.
How do I setup permissions on the folder so that ASP.NET can read the contents without inadvertently creating an means by which the contents could be compromised? It's an internal app not accessible from outside the company network.
May 04, 2015 05:31 AM|Li Wang|LINK
Thank you for your post.
According to your description, two type of applications need to access the folder.
One is database server, it need to write backup files to the folder.
The other is asp.net application, it need to read data from the folder.
Please check whether the two type of applications are run in a single user environment.
If not, you could grant different permissions to each application.
The asp.net application need Read/List-folder-contents permissions.
Hoping my reply could be helpful to you.
May 04, 2015 11:53 AM|dch3|LINK
Yes, IIS and SQLServerExpress are running on the same box. The ASP.NET needs read only access, SQLServerExpress needs full access. The ASP.NET app will be reading the contents of the specific folder.
May 04, 2015 09:23 PM|Li Wang|LINK
According to your description, you could use .net cas component.
.NET enforces security polices around assemblies. It uses the evidence that an assembly has, such as the origination of the file. The runtime places all code from the local intranet into a specific group. It then uses the security policies to decide what
permissions the code should be granted at a granular level.
Below linkes are for your reference