Brian Schuth #1
Restricting ASPNET ACLs without breaking ASPNET (newbie-ish)
Scenario: We have a library with objects that host Jscript for the execution
of complex validation code. This library is being called by an ASP.NET
application. The ASP.NET process has the USERS role, which means either
malicious or stupid systems developers could write a script that (for
example) instantiates a FileSystemObject, and wipes out huge tracts of hard
disk. To make things worse, there is a legitimate use for the FSO object,
but only in a single directory.
My first blush thought for solving this security ugliness is to give
read-only access to ASPNET to all files, with the exception of the one
directory where it is permitted to cause trouble. My questions are:
* Is this the best way to go about this (Windows Authentication is not an
option for me; neither is junking the Jscript hosting)?
* I assume ASPNET needs writing privileges somewhere to get its work done;
is it fairly easy to figure out where this is (I didn't find anything
obvious on MSDN, but I may be getting sloppy...)? Or can I really get away
with just giving ASPNET Read (and Execute) rights only from the disk root,
and then giving Write privileges only where I want it? I'd just go ahead
and try this, but I hate to do mass ACL changes without at least asking
someone who knows better than I about it...
Thanks.
Brian Schuth
brian@my-last-name-above.com
Eastport, ME