Jump to content


PHP IIS6 Security Vs IUSR_<MACHINENAME> Question

  • Please log in to reply
No replies to this topic

#1 satancisurferz

  • New Members
  • Pip
  • Newbie
  • 1 posts

Posted 29 September 2006 - 01:08 PM


I'm new to the PHP/MySQL world.
I found a really cool open source Photo Album on the Web... and I tried to install it on my Windows 2003/IIS6 server.
Everything went fairly fine.

Now, I have one question.
Is it possible to run PHP code using a different user than the anonymous one (IUSR_<MACHINENAME>)?

Here's my problem.
The images used in my photo album are stored in a folder on my server hard drive.  Inside the photo album, there's a security management that can prevent users from accessing some images.  However, to be able to create image, I had to give "MODIFY" access on my images folder.  So, If users bypass the PHP code, they can access them by just typing the complete URL in a browser.

In ASP.NET, we don't have to give access to the IUSR user since the user "NETWORK SERVICE" is used for running all ASP.NET code.

I was wondering if there's something similar in PHP?


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users