有关公开文件目录的安全问题 [英] security issue about expose file directory
问题描述
大家好,
如果在ASP程序中,我需要显示一个pdf文件链接供用户打印
并阅读。有安全问题吗?我们正在考虑这样做
许多邮件服务器阻止带有pdf文件附件的电子邮件。我们只是尝试给用户提供一个机会让用户自己打印文件,而不是完全取决于电子邮件传送
。
谢谢。
-
贝蒂
Hi all,
If in an ASP program, I need to display a pdf file link for users to print
and read. Is there any security issue? We are thinking about doing this is
many mail servers block emails with pdf file attachment. We just try to give
an opportunity to users to print the document themselves instead of
completely depending on email delivery.
Thank you.
--
Betty
推荐答案
=?Utf-8?B ?YzY3NjIyOA ==?=于2007年1月31日写在
microsoft.public.inetserver.asp.general:
=?Utf-8?B?YzY3NjIyOA==?= wrote on 31 jan 2007 in
microsoft.public.inetserver.asp.general:
如果在ASP中程序,我需要显示一个pdf文件链接供用户打印和阅读
。有安全问题吗?我们正在考虑
这样做很多邮件服务器阻止带有pdf文件附件的电子邮件。
我们只是试图给用户提供打印文件的机会
自己而不是完全取决于电子邮件传递。
If in an ASP program, I need to display a pdf file link for users to
print and read. Is there any security issue? We are thinking about
doing this is many mail servers block emails with pdf file attachment.
We just try to give an opportunity to users to print the document
themselves instead of completely depending on email delivery.
你只需将pdf文件放在网站上,只要你的用户做了
不泄露地址,这是安全的,就像你发送
文件一样安全,他们可以把它发送给其他任何人。
您可以将文件放在密码后面,使用ASP。
根本不需要显示目录的内容。
您可以放置一个虚拟的index.asp或将IIS切换为不显示。
-
Evertjan。
荷兰。
(请更改x''我的电子邮件中的点数)
You van just put the pdf file on the website, and as long as your users do
not divulge the address, it is safe, just as safe as if you send them the
file and they can send it to anyone other.
You could put the file behind a password, using ASP.
Showing the content of a directory is not necessary at all.
You can place a dummy index.asp or switch the IIS to no show.
--
Evertjan.
The Netherlands.
(Please change the x''es to dots in my emailaddress)
您好Evertjan,
pdf文件对于在我们的网站上购买的每个用户都是唯一的。所以它是
而不是generice pdf文件。你能解释一下吗?显示内容
目录根本不需要。
Hi Evertjan,
The pdf file is unique to every user who purchased on our web iste. So it is
not a generice pdf file. Could you explain a little more "Showing the content
of a directory is not necessary at all.
您可以放置虚拟index.asp或将IIS切换为不显示。我还没得到它。
You can place a dummy index.asp or switch the IIS to no show." I don''t get it yet.
谢谢。
-
贝蒂
" Evertjan。 "写道:
Thank you.
--
Betty
"Evertjan." wrote:
=?Utf-8?B?YzY3NjIyOA ==?=于2007年1月31日写在
microsoft.public.inetserver .asp.general:
=?Utf-8?B?YzY3NjIyOA==?= wrote on 31 jan 2007 in
microsoft.public.inetserver.asp.general:
如果在ASP程序中,我需要为用户显示一个pdf文件链接,以便打印和阅读
。有安全问题吗?我们正在考虑
这样做很多邮件服务器阻止带有pdf文件附件的电子邮件。
我们只是试图给用户提供打印文件的机会
自己而不是完全取决于电子邮件传递。
If in an ASP program, I need to display a pdf file link for users to
print and read. Is there any security issue? We are thinking about
doing this is many mail servers block emails with pdf file attachment.
We just try to give an opportunity to users to print the document
themselves instead of completely depending on email delivery.
您只需将pdf文件放在网站上,只要您的用户确实
不泄露地址,这是安全的,就像你发送
文件一样安全,他们可以把它发送给其他任何人。
您可以将文件放在密码后面,使用ASP。
根本不需要显示目录的内容。
您可以放置一个虚拟的index.asp或将IIS切换为不显示。
-
Evertjan。
荷兰。
(请更改x''我的电子邮件中的点数)
You van just put the pdf file on the website, and as long as your users do
not divulge the address, it is safe, just as safe as if you send them the
file and they can send it to anyone other.
You could put the file behind a password, using ASP.
Showing the content of a directory is not necessary at all.
You can place a dummy index.asp or switch the IIS to no show.
--
Evertjan.
The Netherlands.
(Please change the x''es to dots in my emailaddress)
=?Utf-8?B?YzY3NjIyOA ==?=于2007年1月31日写在
microsoft.public.inetserver.asp.general:
=?Utf-8?B?YzY3NjIyOA==?= wrote on 31 jan 2007 in
microsoft.public.inetserver.asp.general:
>你可以放置一个虚拟的index.asp或切换IIS没有显示。我还没有得到它。
>You can place a dummy index.asp or switch the IIS to no show." I
don''t get it yet.
[请不要在usenet上使用]
[Please do not toppost on usenet]
pdf文件是唯一的在我们的网站上购买的每个用户都是。所以
它不是一个普通的pdf文件。
The pdf file is unique to every user who purchased on our web iste. So
it is not a generice pdf file.
无关紧要,如果pdf文件在您的某个web
目录中有一个位置,则可以从网上获取如果你告诉你的顾客
它在你发给他的链接中。
That does not matter, if the pdf file has a location in one of your web
directories, it can be reached from the web if you tell your customer where
it is in a link you sent him.
你能解释一下吗
根本不需要显示目录的内容。
Could you explain a little more
"Showing the content of a directory is not necessary at all.
为什么有必要?你为什么打算出演呢?
-
Evertjan。
荷兰。
(请将我的电子邮件地址中的x'变为点数)
Why would it be necessary? Why would you plan to show it?
--
Evertjan.
The Netherlands.
(Please change the x''es to dots in my emailaddress)
这篇关于有关公开文件目录的安全问题的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
