FSO solution in Win2000 server

When the ASP is executed, the hard disk is accessed as the identity of the IUSR_machine name. If the user account is not given permission, the ASP cannot read or write the file on the hard disk.
Workaround: Open the resource manager on the server, right click on the directory or hard disk partition where the asp file is located, select “property", select “security" tab, then you can see which ones The account can access this directory, partition (volume) and access rights. After the default installation, it appears that  Everyone” has full control. Click “Add”,“IUSR_machinename>; give “full control” or the corresponding permissions.
This has certain security risks, because the permission to read and write files can be obtained by fso, which is easy to be exploited by hackers. Here is a method.
We know that in addition to the CreateObject method, you can also use a general annotation to create a component. We can use HTML in ASP. Runat indicates that it is executed on the server. Scope indicates the life cycle of the component. Session can be used. Application or page (representing the current page, also default)
We can also disable the component by modifying the value of Clsid, such as the value of HKEY_CLASSES_ROOT\\Scripting.FileSystemObject\\CLSID in the registry 0D43FE01-F093-11CF- 8940-00A0C9054228 changed to 0D43FE01-F093-11CF-8940-00A0C9054229 (changed the last one), this time is written as:
CF-8940-00A0C9054229">
see the running results, no problem, OK. At this time we use CF-8940-00A0C9054228"> this time it went wrong.
New user: iusr_domain
Set the anonymous user of the corresponding site in IIS IUSR_DOMAIN
CACLS: Set directory permissions
This FSO is available, but it will not affect others
Preventive measures:
Restrict users from using the FileSystemObject object. An extreme practice is to completely deregister the component that provides the FileSystemObject object, which is Scrrun.dll. The specific method is as follows:
In the MS-DOS state, type:
Regsvr32 /uc:\\windows\\system\\scrrun.dll
(Note: In actual operation, you need to change to become your local actual path. )