You mean setting these rights or accessing other sites?
I have the same trouble i mean security analyzer giving that call. The rights setting as we see sould be ok but security analyzer say that they are not ok on a 2016 windows server.
AFAIR the Security analyzer uses a .NET function to find out what file rights it has, but it does not actually check if it can read/write files. I noticed that sometimes there's a difference between theory and practice. I have not done any actual file read/write tests on windows 2016 TBH.
thanks for explaining
Timo, your post was extremely useful and it successfully cleared up the directory traversal vulnerabilities on our 2012 R2 servers, but we have encountered an unexpected side effect.
Site admins can no longer upload logo and favicons. File management via the file browser or HTML editor's browse functionality works fine. It is just the files that are uploaded via the Site Settings page that are not working after we removed the Users group from file permissions.
Do you have any insight regarding this issue?
It never occurred to me that this might be a DNN issue and not related to the file security changes we had recently made. Those files are typically updated rarely, so we hadn't noticed the problem.
Thanks!
Posted By Noah Bast on 06 Jul 2020 01:39 PM It never occurred to me that this might be a DNN issue and not related to the file security changes we had recently made. Those files are typically updated rarely, so we hadn't noticed the problem. Thanks!
Ok, if in the end it is related to the NTFS security, please let me know..
These Forums are dedicated to the discussion of DNN Platform.
For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:
Awesome! Simply post in the forums using the link below and we'll get you started.