ASP.NET - 在应用程序之外读取和写入文件系统 [英] ASP.NET - Reading and writing to the file-system, outside the application
问题描述
有没有办法在当前 ASP.NET 应用程序之外访问文件系统,而无需四处授予 IIS_IUSRS 权限?例如,如果我想让这条线起作用:
Is there a way to access the file-system outside of the current ASP.NET application, without going around giving IIS_IUSRS permissions? For example, if I wanted this line to work:
logStream = File.Open("C:logsapp.log", FileMode.Append, FileAccess.Write, FileShare.ReadWrite);
...我通常必须向 IIS_IUSRS 组授予对 C:logsapp.log 的读/写权限.这对于在新系统上设置应用程序很烦人,需要访问的目录可能位于不同的位置.有没有办法告诉 ASP.NET 它应该有权访问哪些目录?
... I'd have to normally grant read/write permission to C:logsapp.log to the IIS_IUSRS group. This gets annoying for setting the app up on new systems, where the directories which need to be accessed can be in different locations. Is there any way to tell ASP.NET what directories it should have access to?
推荐答案
您可以使用模拟来做到这一点,但我建议您不要这样做.就安全而言,您正在进入非常危险的领域.如果您不能 100% 确定您所冒充的身份的访问权限,那么您将面临允许黑客进入您不打算进入的服务器区域的真正风险.正确设置 ACL 非常耗时,而且您不想只使用管理用户或超级用户.您想为此专门设置一个用户,如果您这样做,您只是在您已经在做的事情上添加了一个步骤.
You can do this using impersonation, but I would urge you not to do this. You're getting into very risky areas as far as security is concerned. If you're not 100% sure of the access permissions of the identity you are impersonating, then you run the very real risk of allowing hackers to get at areas of your server that you did not intend. Setting up ACL's properly is time consuming, and you do NOT want to just use an administrative or super user. You'd want to set up a user specifically for this purpose, and if you're doing that, you're just adding a step to what you're already doing.
更好的解决方案是将您的应用设计为写入您的应用控制的文件夹.您的安装可以在机器上创建文件夹并自动授予权限,而不是依赖现有的系统文件夹.
A better solution would be to design your app to write to a folder that your application controls. Your installation can create the folder on the machine and grant permissions automatically, rather than relying on an existing system folder.
http://msdn.microsoft.com/en-us/library/ms998258.aspx#pagguidelines0001_impersonationdelegation
这篇关于ASP.NET - 在应用程序之外读取和写入文件系统的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
