03-15-2009
|
|
|
|
Re: FTP & IE7
"sanju" <sdherange@gmail.com> wrote in message
news:d248c08d-2abd-40e3-8e1b-c35d7ba19b65@d19g2000prh.googlegroups.com...
> Hi All;
>
> I have a ftp server with multiple virtual directory configured under
> the the
> Default FTP Site in IIS. Each virtual directory mapped to an
> individual ftp
> user. Each ftp user cannot access to other virtual directory that do
> not
> belongs to them. The anonymous access was removed in IIS.
>
> When I use IE7 to open my FTP site with one of the ftp user account, I
> found
> that this user account can browse all other virtual directories from
> the
> root although this ftp user account cannot access to other
> directories. When
> I use IE6, it works fine, the ftp user can see and access to their own
> directory only.
>
> In terms of security, I have no idea what ftp client program would my
> FTP
> user to use, if they are using IE7 as my test, they will see all
> subfolders
> (virtual directories). Is there any way that I can block it from the
> ftp
> root folder if they use IE7 to access to my ftp server.
>
> Thanks in advance!!
It sounds like you need secure FTP connections and seperate client
certificates for each user. You have noticed another problem with FTP; I
don't think this can be called a bug in IE7. The FTP connection itself is
not secure and passwords are not encrypted.
|
Linear Mode
