I have an API that uploads a file. Before saving it, the API checks whether an old file exists (it internally calls the DB to get the old file name). If the old file exists, there is a delete command (file.delete).

In order not to get UnauthorizedAccessException, I've added delete permission in NTFS for the specific folder for the IIS_USER group.

Is this OK? Theoretically, can someone delete files from that folder through HTTP?

Is there an option to perform the delete with another local user that has delete permissions through the API (C#) that the application IIS_USER is activating for the delete command?

Thanks in advance for any advice. Yaniv.

1 Answer

Maybe you should create a separate user for that web app specifically and allow access only for it. This way not every IIS hosted application (using the IIS_User) would have the rights to deal chaos in that folder. I am not sure what the security implications are; in theory, if anyone can exploit your application to send a delete to this folder, files are going to be deleted. Yet you can't just forbid it, as your application needs to be able to do that...

Always, the more functionality you expose, the more vulnerable your software is. Personally, when allowing web applications to handle files I do just that: make sure the application is running under a custom local user and allow only it rights to the specific folder. Including all security precautions you can think of to make sure this API call can't be exploited...

Sorry I can't be more of a help.

astian
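One precaution of the kind the answer mentions, as an added example that is not part of the original question or answer: resolve the old file name from the DB to a full path and refuse the delete unless it lands inside the one folder that carries the NTFS delete grant. The names `UploadCleanup` and `TryDeleteOldFile` and the temp-folder path are hypothetical, and the code assumes Windows path rules.

```csharp
using System;
using System.IO;

public static class UploadCleanup
{
    // uploadRoot: the single folder the app's identity has delete rights on (assumed).
    // storedName: the old file name read from the DB, treated here as untrusted input.
    public static bool TryDeleteOldFile(string uploadRoot, string storedName)
    {
        if (string.IsNullOrWhiteSpace(storedName))
            return false;

        // Keep only the final path segment, so "..\..\web.config" is reduced to "web.config".
        string leaf = Path.GetFileName(storedName);
        if (string.IsNullOrEmpty(leaf) || leaf.IndexOfAny(Path.GetInvalidFileNameChars()) >= 0)
            return false;

        // Canonicalise both paths, then require the target to sit inside the root.
        string root = Path.GetFullPath(uploadRoot)
                          .TrimEnd(Path.DirectorySeparatorChar) + Path.DirectorySeparatorChar;
        string target = Path.GetFullPath(Path.Combine(root, leaf));

        // NTFS names are case-insensitive, so compare the prefix ignoring case.
        // This also rejects "." and "..", which resolve to the root itself or its parent.
        if (!target.StartsWith(root, StringComparison.OrdinalIgnoreCase))
            return false;

        if (!File.Exists(target))
            return false;

        File.Delete(target);
        return true;
    }

    public static void Main()
    {
        // Constructed sample data: a temp folder stands in for the upload folder.
        string root = Path.Combine(Path.GetTempPath(), "upload-demo");
        Directory.CreateDirectory(root);
        File.WriteAllText(Path.Combine(root, "old-report.pdf"), "x");

        Console.WriteLine(TryDeleteOldFile(root, "old-report.pdf"));    // file inside the root
        Console.WriteLine(TryDeleteOldFile(root, @"..\..\web.config")); // traversal attempt
        Console.WriteLine(TryDeleteOldFile(root, "missing.pdf"));       // nothing to delete
    }
}
```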