|
it
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
ASP issue under IIS 7/Vista
ASP, that will not run properly on a Vista box. I believe I have covered every security possibility (at least I think I have) and I thought I'd submit this here. The process is this: We pass 1) an ID for a person in our database, and 2) an ID for an RTF format document (a standard form of some kind) to an ASP page as follows: forms_print.asp?custID=7004&formID=175 This RTF document has specially denoted fields on it, e.g. <<LastName>> that are to be replaced with data from the DB. The ASP page 1) gets the data pertaining to the person from our DB as an XML document and, 2) calls the dll to do a "text replace", i.e. replace <<LastName>> with the actual last name of the person, then 3) opens the RTF document in Word or Word Viewer for printing or whatever the user wishes. This process works flawlessly under XP, but wont work under Vista. We have reviewed permissions extensively (we believe), but just dont know where to start to solve this problem. I have written debugging capabilities into the process so that when debugging is enabled I response.write replaced data found to the screen to follow the process. In debug mode I get nothing from the page. When not in debug mode, Word opens (2007 in this case) but only a blank screen is document - no text. Thanks! "day10" <da***@discussions.microsoft.com> wrote in message Have you really covered security on Vista? You dll may need to escalate news:23A64BE0-95BF-4D83-BA6F-AB36D9330DC9@microsoft.com... >I have a relatively straightforward dll, written in VB.net, kicked off from > ASP, that will not run properly on a Vista box. I believe I have covered > every security possibility (at least I think I have) and I thought I'd > submit > this here. > privileges as it runs on Vista, if that's what it's doing, and it doesn't have the privileges to run on Vista properly. It's a possibility, if you don't know about this. http://blogs.msdn.com/shawnfa/archive/2006/04/06/568563.aspx I have not seen this before so please forgive me if this question seems too
simplistic: On this dll, we have given Full Control to IUSR, IIS-IUSR, Everyone, etc. It seems that anyone should be able to kick this thing off without issue. Does this not accomplish essentially the same thing? Thanks! Show quote "Mr. Arnold" wrote: > > "day10" <da***@discussions.microsoft.com> wrote in message > news:23A64BE0-95BF-4D83-BA6F-AB36D9330DC9@microsoft.com... > >I have a relatively straightforward dll, written in VB.net, kicked off from > > ASP, that will not run properly on a Vista box. I believe I have covered > > every security possibility (at least I think I have) and I thought I'd > > submit > > this here. > > > > Have you really covered security on Vista? You dll may need to escalate > privileges as it runs on Vista, if that's what it's doing, and it doesn't > have the privileges to run on Vista properly. It's a possibility, if you > don't know about this. > > http://blogs.msdn.com/shawnfa/archive/2006/04/06/568563.aspx > > "day10" <da***@discussions.microsoft.com> wrote in message It may or may not. You'll need to make that determination. I do know news:9EEE1728-DE69-4757-A8B7-2C573D0C4E9B@microsoft.com... >I have not seen this before so please forgive me if this question seems too > simplistic: > > On this dll, we have given Full Control to IUSR, IIS-IUSR, Everyone, etc. > It > seems that anyone should be able to kick this thing off without issue. > Does > this not accomplish essentially the same thing? Accounts with rights are no longer the factor they used to be in Vista like previous versions of the NT classed O/S(s) such as XP and Win 2K, with Vista's new security scheme. Even the user with Admin rights is locked down and can only do certain things without escalating their privileges by using Run As Administrator. It may come that you have to use the Vista UAC manifest with the solution in order to give the solution the credentials needed to present to Vista so that Vista will allow the solution to run. I am just making you aware of this. You'll need to do more research -- use Google. Here is another link that talks about UAC and why a software developer may have to deal with Vista's new security scheme. or maybe, it's IE7 if that is being used that has broke the solution due to security, if IE7 is being used. http://blogs.zdnet.com/Ou/?p=785 I will check this out - thanks again for your replies.
day10 Show quote "Mr. Arnold" wrote: > > "day10" <da***@discussions.microsoft.com> wrote in message > news:9EEE1728-DE69-4757-A8B7-2C573D0C4E9B@microsoft.com... > >I have not seen this before so please forgive me if this question seems too > > simplistic: > > > > On this dll, we have given Full Control to IUSR, IIS-IUSR, Everyone, etc. > > It > > seems that anyone should be able to kick this thing off without issue. > > Does > > this not accomplish essentially the same thing? > > > It may or may not. You'll need to make that determination. I do know > Accounts with rights are no longer the factor they used to be in Vista like > previous versions of the NT classed O/S(s) such as XP and Win 2K, with > Vista's new security scheme. Even the user with Admin rights is locked down > and can only do certain things without escalating their privileges by using > Run As Administrator. > > It may come that you have to use the Vista UAC manifest with the solution in > order to give the solution the credentials needed to present to Vista so > that Vista will allow the solution to run. I am just making you aware of > this. You'll need to do more research -- use Google. > > Here is another link that talks about UAC and why a software developer may > have to deal with Vista's new security scheme. or maybe, it's IE7 if that is > being used that has broke the solution due to security, if IE7 is being > used. > > http://blogs.zdnet.com/Ou/?p=785 > > >  |
|||||||||||||||||||||||
Other interesting topics