[thelist] authenticated access to network resource via web page

spinhead evolt at spinhead.com
Thu Oct 18 15:55:01 CDT 2001


We've got a Perl script in c:\inetpub\scripts on our intranet web server.
Its job is to parse a bit of info from a dozen test machines. I've removed
anonymous access to the scripts folder, and when I look at the server
variables (using a page called whoami.asp which just iterates thru all of
'em) it says I'm accessing the scripts directory as the authenticated user
DOMAIN\myname (not really, but we're security freaks around here.)

If I'm touching the directory as an authenticated user shouldn't the Perl
script run as me and be allowed access to whatever network resources my user
has access to? It's not.

spinhead







More information about the thelist mailing list