Jump to content

Archived

This topic is now archived and is closed to further replies.

satancisurferz

PHP IIS6 Security Vs IUSR_<MACHINENAME> Question

Recommended Posts

Hello,

I'm new to the PHP/MySQL world.
I found a really cool open source Photo Album on the Web... and I tried to install it on my Windows 2003/IIS6 server.
Everything went fairly fine.

Now, I have one question.
Is it possible to run PHP code using a different user than the anonymous one (IUSR_<MACHINENAME>)?

Here's my problem.
The images used in my photo album are stored in a folder on my server hard drive.  Inside the photo album, there's a security management that can prevent users from accessing some images.  However, to be able to create image, I had to give "MODIFY" access on my images folder.  So, If users bypass the PHP code, they can access them by just typing the complete URL in a browser.

In ASP.NET, we don't have to give access to the IUSR user since the user "NETWORK SERVICE" is used for running all ASP.NET code.

I was wondering if there's something similar in PHP?

Thanks!
Pascal

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.