Security Considerations
ASP Security Settings
In ASP, FileUpEE executes in a specific user context:
- IUSR_MACHINENAME (The default anonymous user account)
OR
- An authenticated user account
To allow uploads, the IUSR_MACHINENAME or authenticated user must have Read, Write, and Modify NTFS permissions for FileUpEE's temporary and destination folders. An upload's destination folder is set in code by DestinationDirectory, DestinationPath, or SaveAs. The temporary directory for an upload can be set in code by the property TempStorageLocation.
If you do not assign a value to TempStorageLocation, uploads will be cached in the system's default directory for cached files, which is determined by the system environment variable TEMP.
To change the system's default directory for cached files,
reset the TEMP environment variable, as follows:
- Open the Control Panel.
- Select System.
- Select the Advanced tab.
- Click Environment Variables...
- Select TEMP from the System Variables list.
- Click Edit.
- Enter a new Variable Value, and click OK.
In a 3-tier upload (client -> web server -> file server), FileUpEE will use two temporary folders, one on the Web server and one on the file server. Both temporary folders require Read, Write, and Modify permissions for the anonymous or authenticated user.
If UseMemory is set to True, FileUpEE will not write temporary files and it is not necessary to set permissions for a temporary directory.
ASP.NET Security Settings
In ASP.NET, if impersonation is disabled (as it is by default), FileUpEE executes in the context of the ASPNET account or an authenticated user account. To allow uploads, the ASPNET account or authenticated user must have Read, Write, and Modify permissions for FileUpEE's temporary and destination folders. An upload's destination folder is set in code by DestinationDirectory, DestinationPath, or SaveAs. The temporary directory for an upload can be set in code by the property TempStorageLocation.
If you do not assign a value to TempStorageLocation, uploads will be cached in the system's default directory for cached files, which is determined by the system environment variable TEMP.
To change the system's default directory for cached files,
reset the TEMP environment variable, as follows:
- Open the Control Panel.
- Select System.
- Select the Advanced tab.
- Click Environment Variables...
- Select TEMP from the System Variables list.
- Click Edit.
- Enter a new Variable Value, and click OK.
In a 3-tier upload (client -> web server -> file server), FileUpEE will use two temporary folders, one on the Web server and one on the file server. Both temporary folders require Read, Write, and Modify permissions for the ASPNET or authenticated user account.
If you enable impersonation, FileUp will execute in the IUSR_MACHINENAME or authenticated user context, and you can set permissions as you would for ASP. Under ASP.NET, impersonation is controlled in the .NET configuration file for your web application, web.config or machine.config. (For information about these files, see Installing FileUpEE for ASP.NET.)
To enable impersonation, set impersonate to true in the identity node of web.config or machine.config:
<identity impersonate="true" userName="" password=""/>
The following is a sample web.config file with impersonate set to true:
<configuration>
  <system.web>
    <compilation numRecompilesBeforeAppRestart="15">
      <compilers>
      </compilers>
      <assemblies>
        <add assembly="FileUpEE, Version=x.x.x.x, Culture=neutral, PublicKeyToken=f593502af6ee46ae"/>
        <add assembly="MimeClient, Version=x.x.x.x, Culture=neutral, PublicKeyToken=f593502af6ee46ae"/>
        <add assembly="FileUpEEProgress, Version=x.x.x.x, Culture=neutral, PublicKeyToken=f593502af6ee46ae"/>
        <add assembly="*" />
      </assemblies>
    </compilation>
    <httpHandlers>
      <add verb="*" path="*.uplx" type="System.Web.UI.PageHandlerFactory"/>
    </httpHandlers>
    <httpModules>
      <add name="FileUpEeModule" type="SoftArtisans.Net.FileUpEeModule,FileUpEeModule, Version=x.x.x.x, Culture=neutral,PublicKeyToken=f593502af6ee46ae"/>
    </httpModules>
    <!-- Empty userName/password: requests run as the IUSR_MACHINENAME or authenticated user. -->
    <identity impersonate="true" userName="" password=""/>
  </system.web>
</configuration>
If UseMemory is set to True, FileUpEE will not write temporary files and it is not necessary to set permissions for a temporary directory.
The ISAPI Filter and the HttpModule
FileUpEE's interceptors, the ISAPI filter and the HttpModule, cache request data before it is processed by ASP or ASP.NET.
The ISAPI filter and the HttpModule write to the hard drive as the local SYSTEM account, and can write to any directory on the server. The ISAPI filter/HttpModule temp directory must be on a local drive, not on a network shared drive, because the SYSTEM account does not have access to network drives.
The location of the temporary directory can be configured in the Windows registry.
By default, the cache location is the system's default
directory for cached files, which is determined by the system environment variable TEMP.
To set a different ISAPI filter temp directory:
- Open the Start menu, and select Run.
- Enter regedit and click OK.
- Open HKEY_LOCAL_MACHINE\SOFTWARE\SoftArtisans\FileUpEe\Parameters.
- Right-click FileUpEETempDir and select Modify.
- In Value Data, enter the path and folder name.
To change the system's default directory for cached files,
reset the TEMP environment variable, as follows:
- Open the Control Panel.
- Select System.
- Select the Advanced tab.
- Click Environment Variables...
- Select TEMP from the System Variables list.
- Click Edit.
- Enter a new Variable Value, and click OK.
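The following PowerShell check is an added example, not SoftArtisans code. It reads the interceptor cache location the way this section describes (the FileUpEETempDir registry value, falling back to the system TEMP variable) and reports whether the folder is on a local fixed drive. It assumes Windows PowerShell is available on the server and is run by an administrator; the function name and result strings are illustrative.

```powershell
# Added example: check that the ISAPI filter/HttpModule cache directory is a local folder.
$key  = 'HKLM:\SOFTWARE\SoftArtisans\FileUpEe\Parameters'  # key named on this page
$name = 'FileUpEETempDir'                                   # value named on this page

# Hypothetical helper: classifies a path as usable by the SYSTEM account or not.
function Test-LocalCachePath {
    param([string]$Path)
    if ([string]::IsNullOrEmpty($Path)) { return 'unset' }
    if ($Path.StartsWith('\\'))         { return 'unc-share' }      # \\server\share
    $root = [System.IO.Path]::GetPathRoot($Path)
    if ($root -notmatch '^[A-Za-z]:\\$') { return 'not-absolute' }
    # A mapped network drive reports DriveType Network; only Fixed is accepted here.
    $type = (New-Object System.IO.DriveInfo($root)).DriveType
    if ($type -ne [System.IO.DriveType]::Fixed) { return "drive-type-$type" }
    if (-not (Test-Path -Path $Path -PathType Container)) { return 'missing' }
    return 'ok'
}

# Registry value first; if it is absent or empty, fall back to the system TEMP variable.
$source = "registry value $name"
$dir = (Get-ItemProperty -Path $key -ErrorAction SilentlyContinue).$name
if ([string]::IsNullOrEmpty($dir)) {
    $source = 'system TEMP variable'
    $dir = [Environment]::GetEnvironmentVariable('TEMP', 'Machine')
}
if ($dir) { $dir = [Environment]::ExpandEnvironmentVariables($dir) }

# One line of output, e.g. the source, the resolved path, and the classification.
"{0}: '{1}' -> {2}" -f $source, $dir, (Test-LocalCachePath $dir)
```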
General Guidelines
- Don't allow write access to critical directories such
as "C:\", "C:\WINNT", and "C:\WINNT\System32".
- Do audit scripts to ensure that ASP developers are writing
to correct locations.
- Do audit scripts to ensure that an instance of FileUpEE is not created
as an Application variable.
- Do use the TempStorageLocation property to set an appropriate temporary directory.
FileUpEE needs a file cache to function. If the TempStorageLocation property is not set,
FileUpEE will use the default temporary directory of the system.
- Don't prevent the IUSR_MACHINENAME account (for ASP) or
the ASPNET account (for ASP.NET) from reading the
system registry, especially the HKEY_CLASSES_ROOT hive.
- Don't prevent the IUSR_MACHINENAME account (for ASP) or
the ASPNET account (for ASP.NET) from reading
FileUpEE.DLL or MimeClient.dll.
- Don't leave the default Everyone-Everything permission
on a publicly available web server.
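The permission guidelines above can be checked with a short ACL audit. This PowerShell script is an added example, not part of the FileUpEE documentation; the upload folder paths are hypothetical placeholders and the account name must be adjusted to the context FileUpEE runs in. It inspects only Allow entries that name the account or Everyone directly, so rights inherited through other group memberships and Deny entries are not evaluated.

```powershell
# Added example; folder paths below are placeholders for your own temp and destination folders.
$account    = "$env:COMPUTERNAME\IUSR_$env:COMPUTERNAME"  # or "$env:COMPUTERNAME\ASPNET" for ASP.NET
$uploadDirs = 'D:\FileUpEE\Temp', 'D:\FileUpEE\Uploads'   # hypothetical TempStorageLocation / destination
$critical   = 'C:\', 'C:\WINNT', 'C:\WINNT\System32'      # directories named in the guidelines

$Modify    = [int][System.Security.AccessControl.FileSystemRights]::Modify
$WriteData = [int][System.Security.AccessControl.FileSystemRights]::WriteData

# Hypothetical helper: OR together the rights of every Allow ACE that names $Identity.
function Get-AllowedRights {
    param([string]$Path, [string]$Identity)
    $rights = 0
    foreach ($ace in (Get-Acl -Path $Path).Access) {
        if ($ace.AccessControlType -eq 'Allow' -and $ace.IdentityReference.Value -ieq $Identity) {
            $rights = $rights -bor [int]$ace.FileSystemRights
        }
    }
    return $rights
}

# Upload folders: the account needs Modify (which includes Read and Write);
# Everyone should not be able to write there.
foreach ($dir in $uploadDirs) {
    if (-not (Test-Path -Path $dir)) { "SKIPPED  $dir does not exist"; continue }
    if (((Get-AllowedRights $dir $account) -band $Modify) -ne $Modify) {
        "MISSING  $account lacks Modify on $dir"
    }
    if ((Get-AllowedRights $dir 'Everyone') -band $WriteData) {
        "REVIEW   Everyone can write to $dir"
    }
}

# Critical directories: neither the upload account nor Everyone should hold write access.
foreach ($dir in $critical) {
    if (-not (Test-Path -Path $dir)) { continue }
    foreach ($id in $account, 'Everyone') {
        if ((Get-AllowedRights $dir $id) -band $WriteData) {
            "FINDING  $id can write to $dir"
        }
    }
}
```

No output means none of the checked conditions were found. On a non-English Windows installation the Everyone group has a localized name and the literal must be changed accordingly.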
Copyright © 2005, SoftArtisans, Inc.