This is the Title of the Book, eMatter Edition
Copyright © 2008 O’Reilly & Associates, Inc. All rights reserved.
Chapter 8: Internet Information Services
these permissions also are independent of filesystem permissions. Here’s a reminder
of the available rights:
Script source access
Enables users to view the source code to scripts and applications within the
selected directory, assuming they have read or write permissions to that directory.
Read
Enables users to view or download files or directories, along with their individ-
Write
Enables users to upload files to the selected directory. It also enables them to
change existing files within that directory.
Directory browsing
Enables users to view an HTML page listing the contents of the selected
directory, including any subdirectories. Note that the subdirectories listed in this
view are physical filesystem directories, not IIS virtual directories.
As I mentioned earlier in the chapter, users browsing web content on your IIS
machines are actually logging in to a guest-like IUSR account on your machine or
directory service. Out of the box, Windows Server 2003 sets the following
restrictions on the NTFS permissions given to the IUSR account:
• A user logged on through the IUSR account can only read and list the contents
of the web root directory. No execute permissions are present, so scripts cannot
run and no one can write files to the directory.
• The IUSR account has read, execute, and list contents permissions inside the
Windows directory, just as the Authenticated Users group does.
Other than those exceptions, the IUSR account has no NTFS permissions across any
file or folder on a disk. You can use the NTFS permissions, as covered in Chapter 3,
to lock down IUSR’s ability to further access content on your site.
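One way to check the NTFS baseline described above from PowerShell, as an added example that is not from the book. It assumes PowerShell is available on the server and that the anonymous account matches the pattern *\IUSR_*; the function name Get-ExcessRight and the sample ACL for a host called WEB01 are constructed for illustration.

```powershell
# Added example, not from the book. Baseline from the text: on the web root the
# IUSR account may read and list contents, but not execute scripts or write files.
$Allowed = [int][System.Security.AccessControl.FileSystemRights]'Read, ListDirectory, Synchronize'
$Write   = [int][System.Security.AccessControl.FileSystemRights]'Write, Delete, DeleteSubdirectoriesAndFiles'
$Execute = [int][System.Security.AccessControl.FileSystemRights]'ExecuteFile'

function Get-ExcessRight {   # hypothetical helper name
    param(
        [Parameter(Mandatory = $true)] $AccessRules,   # entries shaped like (Get-Acl <path>).Access
        [string] $AccountPattern = '*\IUSR_*'          # assumption: how the anonymous account is named
    )
    foreach ($rule in $AccessRules) {
        # Only explicit Allow entries naming the anonymous account are evaluated;
        # rights that reach it through group membership are not covered here.
        if ("$($rule.IdentityReference)" -notlike $AccountPattern) { continue }
        if ("$($rule.AccessControlType)" -ne 'Allow') { continue }

        # Any bit outside the read/list baseline is excess.
        $excess = [int]$rule.FileSystemRights -band (-bnot $Allowed)
        if ($excess -eq 0) { continue }

        New-Object psobject -Property @{
            Identity   = "$($rule.IdentityReference)"
            Granted    = "$($rule.FileSystemRights)"
            CanWrite   = [bool]($excess -band $Write)
            CanExecute = [bool]($excess -band $Execute)
        }
    }
}

# Constructed sample ACL for a hypothetical host WEB01, so the check runs offline.
$rule = 'System.Security.AccessControl.FileSystemAccessRule'
$sample = @(
    New-Object $rule -ArgumentList 'WEB01\IUSR_WEB01', 'Read', 'Allow'
    New-Object $rule -ArgumentList 'WEB01\IUSR_WEB01', 'Modify', 'Allow'
    New-Object $rule -ArgumentList 'BUILTIN\Administrators', 'FullControl', 'Allow'
)

# Only the Modify entry is reported: it adds write, delete and execute rights.
Get-ExcessRight -AccessRules $sample |
    Format-Table Identity, Granted, CanWrite, CanExecute -AutoSize

# Against a live server (the path is an assumption; substitute your web root):
# Get-ExcessRight -AccessRules (Get-Acl 'C:\Inetpub\wwwroot').Access
```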
Evaluate the Indexing Service
The installation process for Windows Server 2003 does not install the Indexing
Service out of the box, so that ounce of prevention is a good step. However, indexing
files on your hard disk or network opens up a whole host of issues that might be
difficult to predict without careful planning. For example, what if you indicate to the
Indexing Service that you want to index all files on your drive? The service would
gladly do so, but it might also find angry letters to your users’ superiors, love notes to
their wives or girlfriends, salary information from the payroll department, memos
from the boss on the latest round of layoffs, and so on. You can see that access to
these bits of information by just anybody could create a disaster.