ASP.NET - 读取和写入文件系统，应用程序之外 [英] ASP.NET - Reading and writing to the file-system, outside the application

问题描述

是否有访问当前ASP.NET应用程序之外的文件系统的方式，而不绕来绕去给 IIS_IUSRS 权限？例如，如果我想这行的工作：

Is there a way to access the file-system outside of the current ASP.NET application, without going around giving IIS_IUSRS permissions? For example, if I wanted this line to work:

logStream = File.Open("C:\logs\app.log", FileMode.Append, FileAccess.Write, FileShare.ReadWrite);

...我不得不通常授予读/写权限 C：\\日志\\ app.log 到 IIS_IUSRS 组。这很烦人用于设定应用了新的系统，其中需要被访问的目录可以在不同的位置。有没有办法告诉ASP.NET哪些目录，应该有机会获得？

... I'd have to normally grant read/write permission to C:\logs\app.log to the IIS_IUSRS group. This gets annoying for setting the app up on new systems, where the directories which need to be accessed can be in different locations. Is there any way to tell ASP.NET what directories it should have access to?

推荐答案

您可以做到这一点使用模拟，但我劝你不要这样做。你陷入非常危险的区域，据有​​关安全的问题。如果你不知道你是冒充的身份访问权限的100％，然后运行这让黑客获得在你不打算在服务器领域的非常现实的风险。设置ACL的正常非常耗时，而且你不想只是使用行政或超级用户。你要专门设置一个用户用于此目的，如果你这样做，你只是增加一个步骤，你已经做什么。

You can do this using impersonation, but I would urge you not to do this. You're getting into very risky areas as far as security is concerned. If you're not 100% sure of the access permissions of the identity you are impersonating, then you run the very real risk of allowing hackers to get at areas of your server that you did not intend. Setting up ACL's properly is time consuming, and you do NOT want to just use an administrative or super user. You'd want to set up a user specifically for this purpose, and if you're doing that, you're just adding a step to what you're already doing.

有一个更好的解决办法是设计您的应用程序写入到一个文件夹，你的应用控制。您的安装可以自动创建的机器和授予权限的文件夹，而不是依赖于现有的系统文件夹中。

A better solution would be to design your app to write to a folder that your application controls. Your installation can create the folder on the machine and grant permissions automatically, rather than relying on an existing system folder.

<一个href=\"http://msdn.microsoft.com/en-us/library/ms998258.aspx#pagguidelines0001%5Fimpersonationdelegation\">http://msdn.microsoft.com/en-us/library/ms998258.aspx#pagguidelines0001_impersonationdelegation

这篇关于ASP.NET - 读取和写入文件系统，应用程序之外的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！