Security for writing a file

  • Thread starter Thread starter Joe Bonavita
  • Start date Start date
J

Joe Bonavita

What is the safest way to create a file on the server? I'm looking for
something like:

secureconnection();
// create the file
disconnect();
 
Can you be more specific?

--
HTH,
Kevin Spencer
..Net Developer
Microsoft MVP
Big things are made up
of lots of little things.
 
I want to create a file on the server (which becomes a new page) based on
the input from a user. Once the user fills out some data a html file will be
created and the link to this file will be emailed to them.
 
Your original question was "What is the safest way to create a file on the
server?" That is what is unclear. What do you mean by "safe" and what was
the meaning of all that other pseudocode you put into your question?

--
HTH,
Kevin Spencer
..Net Developer
Microsoft MVP
Big things are made up
of lots of little things.
 
Secure. I don't want to grant access to the world to be able to drop files
on the server.

What I want to do is be able to connect to the server with write access,
create a file on the server then remove the write access so the only time
anything can be written to this folder is during the time I create the file.

Here's another way of looking at it. I user on the web site fills in some
fields to create a custom web page. When they hit save the web page is saved
to the server. Once the page is saved the app will send an email to the user
with the link to their new page.

I hope this makes sense.
 
If you grant access to the account under which your ASP.Net process is
running, you are not granting it to anyone else. Therefore, only your app
will be able to do the writing to disk. So there is no security risk there.
I would recommend just having your app write the file to the disk. If you
need to limit whom has access to the app, you can require the user to log in
in order to use it.

--
HTH,
Kevin Spencer
..Net Developer
Microsoft MVP
Big things are made up
of lots of little things.
 
ok. So I'll just give ASPNET the rights. Thanks.

Kevin Spencer said:
If you grant access to the account under which your ASP.Net process is
running, you are not granting it to anyone else. Therefore, only your app
will be able to do the writing to disk. So there is no security risk there.
I would recommend just having your app write the file to the disk. If you
need to limit whom has access to the app, you can require the user to log in
in order to use it.

--
HTH,
Kevin Spencer
.Net Developer
Microsoft MVP
Big things are made up
of lots of little things.
Click to expand...
 
Back
Top