MORE INFORMATION
NOTE: References to Shtml.dll, Author.dll, or Admin.dll apply equally to
their CGI counterparts, Shtml.exe, Author.exe, and Admin.exe, on IIS 1.x
servers. FrontPage only edits access control lists (ACLs); it does not
change file access permissions of accounts not listed in the following
section.
File Permissions Assigned by Check Installation
Check Installation is a feature of the FrontPage 97 Server Administrator
(Fpsrvwin.exe) that you can run to correct problems in NTFS permissions.
When you run Check Installation, permissions are set on the files as
follows:
Windows NT directory:
\WINNT\Frontpg.ini
INTERACTIVE: Read (R)
NETWORK: Read (R)
\WINNT\System\Fp20htp.dll
INTERACTIVE: Read (RX)(RX)
NETWORK: Read (RX)(RX)
\WINNT\System\Fp20tl.dll
INTERACTIVE: Read (RX)(RX)
NETWORK: Read (RX)(RX)
\WINNT\System\Fp20txt.dll
INTERACTIVE: Read (RX)(RX)
NETWORK: Read (RX)(RX)
\WINNT\System\Fp20utl.dll
INTERACTIVE: Read (RX)(RX)
NETWORK: Read (RX)(RX)
\WINNT\System\Fp20wel.dll
INTERACTIVE: Read (RX)(RX)
NETWORK: Read (RX)(RX)
\WINNT\System32\Infoadmn.dll
INTERACTIVE: Read (RX)(RX)
NETWORK: Read (RX)(RX)
\WINNT\System32\Mfc40.DLL
INTERACTIVE: Read (RX)(RX)
NETWORK: Read (RX)(RX)
\WINNT\System32\Msvcrt40.DLL
INTERACTIVE: Read (RX)(RX)
NETWORK: Read (RX)(RX)
\WINNT\System32\Netapi32.DLL
INTERACTIVE: Read (RX)(RX)
NETWORK: Read (RX)(RX)
\WINNT\System32\Netrap.dll
INTERACTIVE: Read (RX)(RX)
NETWORK: Read (RX)(RX)
\WINNT\System32\Rpcltc1.DLL
INTERACTIVE: Read (RX)(RX)
NETWORK: Read (RX)(RX)
\WINNT\System32\Samlib.DLL
INTERACTIVE: Read (RX)(RX)
NETWORK: Read (RX)(RX)
\WINNT\System32\Wsock32.DLL
INTERACTIVE: Read (RX)(RX)
NETWORK: Read (RX)(RX)
Microsoft FrontPage Installation Directory:
NOTE: FrontPage is installed to one of the following directories by
default: C:\Program Files\Microsoft FrontPage or C:\Microsoft FrontPage.
\Microsoft FrontPage\Servsupp
INTERACTIVE: Read (RX)(RX)
NETWORK: Read (RX)(RX)
\Microsoft FrontPage\Servsupp\Fp20msft.dll
INTERACTIVE: Read (RX)
NETWORK: Read (RX)
\Microsoft FrontPage\Servsupp\Servers.cnf
INTERACTIVE: Special Access (R)
NETWORK: Special Access (R)
\Microsoft FrontPage\Bin
INTERACTIVE: List (RX)(Not Specified)
NETWORK: List (RX)(Not Specified)
\Microsoft FrontPage\Bin\Fp20vss.dll
INTERACTIVE: Read (RX)
NETWORK: Read (RX)
\Microsoft FrontPage\Bin\Fpext*.msg
(only if files are present for multi-language support)
INTERACTIVE: Read (RX)
NETWORK: Read (RX)
\Microsoft FrontPage\Isapi\
INTERACTIVE: Read (RX)(RX)
NETWORK: Read (RX)(RX)
\Microsoft FrontPage\Isapi\_vti_bin
INTERACTIVE: Read (RX)(RX)
NETWORK: Read (RX)(RX)
\Microsoft FrontPage\Isapi\_vti_bin\Shtml.dll
INTERACTIVE: Read (RX)
NETWORK: Read (RX)
\Microsoft FrontPage\Isapi\_vti_bin\_vti_adm\
INTERACTIVE: Read (RX)(RX)
NETWORK: Read (RX)(RX)
\Microsoft FrontPage\Isapi\_vti_bin\_vti_adm\Admin.dll
INTERACTIVE: Read (RX)
NETWORK: Read (RX)
\Microsoft FrontPage\Isapi\_vti_bin\_vti_aut\
INTERACTIVE: Read (RX)(RX)
NETWORK: Read (RX)(RX)
\Microsoft FrontPage\Isapi\_vti_bin\_vti_aut\Author.dll
INTERACTIVE: Read (RX)
NETWORK: Read (RX)
\Microsoft FrontPage\Temp
INTERACTIVE: Special Access (RWX)(RWX)
NETWORK: Special Access (RWX)(RWX)
\Microsoft FrontPage\Temp\Frontpg.lck
INTERACTIVE: Special Access (RW)
NETWORK: Special Access (RW)
Web Content Area:
When you run Check Installation on an existing FrontPage web, the files and
directories in the content root directory are modified. No changes are made
to NTFS permissions in FrontPage subwebs. The minimum access permissions
required in FrontPage subwebs are set by duplicating the permissions in the
following list on all "_vti_*" directories and the files stored within
these directories. In addition, you need to set read permissions on
Shtml.dll for browsers, Author.dll for authors, and Admin.dll for
administrators. The following list assumes that your web content is stored
in \Inetpub\Wwwroot.
\Inetpub
(all directories enclosing the content root grant list permissions
to these accounts)
INTERACTIVE: List (RX)(Not Specified)
NETWORK: List (RX)(Not Specified)
\Inetpub\Wwwroot
INTERACTIVE: List (RX)(Not Specified)
NETWORK: List (RX)(Not Specified)
\Inetpub\Wwwroot\_vti_pvt
INTERACTIVE: Change (RWXD)(RWXD)
NETWORK: Change (RWXD)(RWXD)
\Inetpub\Wwwroot\_vti_pvt\botinfs.cnf
INTERACTIVE: (RWX)
NETWORK: (RWX)
\Inetpub\Wwwroot\_vti_pvt\bots.cnf
INTERACTIVE: (RWX)
NETWORK: (RWX)
\Inetpub\Wwwroot\_vti_pvt\services.cnf
INTERACTIVE: (RX)
NETWORK: (RX)
\VSS\Win32\Ssapi.dll (If Visual SourceSafe 5 is installed)
INTERACTIVE: (RX)
NETWORK: (RX)
\VSS\Win32\Ssxx.dll where xx represents the country code. For example,
Ssus.dll, which is the default if no other country code is present,
represents the United States. (If Visual SourceSafe 5 is installed.)
INTERACTIVE: (RX)
NETWORK: (RX)
Additional File Permissions Assigned by Installation
File permissions are assigned to the following files when FrontPage is
installed. This list, combined with the previous list, shows the changes
made when you install FrontPage on the server.
NOTE: This list assumes that the built-in NT Administrators and System
groups already have full control over the entire drive, and that the
IUSR_<hostname> account is granted read access to the web content before
FrontPage is installed.
FrontPage assumes that an account with read access to the web content
requires read access after installation. Such accounts become end users of
the web content. IUSR_<hostname> is only granted access if it had access to
the files at installation time. You can substitute "all user accounts with
read access to the web content" in place of IUSR_<hostname>. Regardless of
what access permissions these accounts had prior to installation, they are
normalized to the access permissions described in the following list during
the installation process. The installing account is explicitly given
administrator rights throughout the content area even though it is
already an administrator. (NOTE: You need to be an NT Administrator to
successfully run the FrontPage Server Administrator.)
Microsoft FrontPage Installation Directory:
NOTE: FrontPage is installed to one of the following directories by
default: C:\Program Files\Microsoft FrontPage or C:\Microsoft FrontPage.
\Microsoft FrontPage\Temp\_x_todo.htm
INTERACTIVE: Special Access (RWX)
NETWORK: Special Access (RWX)
Web Content Area:
\Inetpub\Wwwroot
IUSR_<host_name>: Special Access (RWXD) (RWD)
The Installing Account: Special Access (RWXD) (RWD)
All Browsable Content
IUSR_<host_name>: Special Access (RWD)
\Inetpub\Cgi-Bin
IUSR_<host_name>: Special Access (RWXD)(RWD)
The Installing Account: Special Access (RWXD) (RWD)
\Inetpub\Wwwroot\_vti_log
IUSR_<host_name>: Special Access (RWXD) (RWD)
The Installing Account: Special Access (RWXD) (RWD)
\Inetpub\Wwwroot\_vti_pvt
IUSR_<host_name>: Special Access (RWXD) (RWD)
The Installing Account: Special Access (RWXD) (RWD)
\Inetpub\Wwwroot\_vti_pvt\Access.cnf
IUSR_<host_name>: Special Access (RWD)
The Installing Account: Special Access (RWD)
\Inetpub\Wwwroot\_vti_pvt\Doctodep.btr
IUSR_<host_name>: Special Access (RWD)
The Installing Account: Special Access (RWD)
\Inetpub\Wwwroot\_vti_pvt\Deptodoc.btr
IUSR_<host_name>: Special Access (RWD)
The Installing Account: Special Access (RWD)
\Inetpub\Wwwroot\_vti_pvt\Httpconf.lck
IUSR_<host_name>: Special Access (RWD)
The Installing Account: Special Access (RWD)
\Inetpub\Wwwroot\_vti_pvt\Service.cnf
IUSR_<host_name>: Special Access (RWD)
The Installing Account: Special Access (RWD)
\Inetpub\Wwwroot\_vti_pvt\Services.org
IUSR_<host_name>: Special Access (RWD)
The Installing Account: Special Access (RWD)
\Inetpub\Wwwroot\_vti_pvt\Svcacl.cnf
IUSR_<host_name>: Special Access (RWD)
The Installing Account: Special Access (RWD)
\Inetpub\Wwwroot\_vti_pvt\uniqperm.cnf
IUSR_<host_name>: Special Access (RWD)
The Installing Account: Special Access (RWD)
\Inetpub\Wwwroot\_vti_txt
IUSR_<host_name>: Special Access (RWXD) (RWD)
The Installing Account: Special Access (RWXD) (RWD)
\Inetpub\Wwwroot\_vti_bin
IUSR_<host_name>: Read (RX)(RX)
The Installing Account: Read (RX)(RX)
\Inetpub\Wwwroot\_vti_bin\Shtml.dll
IUSR_<host_name>: Read (RX)
The Installing Account: Read (RX)
\Inetpub\Wwwroot\_vti_bin\_vti_aut
The Installing Account: Read (RX)(RX)
\Inetpub\Wwwroot\_vti_bin\_vti_aut\author.dll
The Installing Account: Read (RX)
\Inetpub\Wwwroot\_vti_bin\_vti_adm
The Installing Account: Read (RX)(RX)
\Inetpub\Wwwroot\_vti_bin\_vti_adm\Admin.dll
The Installing Account: Read (RX)
\Inetpub\Wwwroot\_vti_cnf
IUSR_<host_name>: Special Access (RWXD) (RWD)
The Installing Account: Special Access (RWXD) (RWD)
\Inetpub\Wwwroot\_private
IUSR_<host_name>: Special Access (RWXD) (RWD)
The Installing Account: Special Access (RWXD) (RWD)
Changes in Permissions Required by FrontPage 1.1
IUSR_<hostname> now has only RX access to all executable directories
(_vti_*), which closes a security hole. This is a change from FrontPage
1.1, in which the IUSR_<hostname> account was granted Full Control to the
_vti_bin directory and Shtml.exe. If an intruder had the IUSR_<hostname>
password and logged on to the machine, the intruder would have write
permission in an executable directory. FrontPage 1.1 itself never allowed
any client to write into the _vti_bin directory, so the threat came only
from other means of access to the web server file system. Now that the
IUSR_<hostname> account is granted only RX to _vti_bin, this potential
hole is sealed. It is no longer necessary to be an NT Administrator to
administer webs using FrontPage Explorer.
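
An added example, not part of the original article: it parses ACL listings written in this page's notation and reports any non-administrative account that can write or delete in _vti_bin or anything under it, which is the condition described above. The two sample listings are constructed; the "(All)" spelling for Full Control and the account names in `trusted` are assumptions.

```python
import re

# Constructed samples in this page's notation (not captured from a real server).
# "(All)" as the spelling of Full Control is an assumption.
FP11_STYLE = r"""
\Inetpub\Wwwroot\_vti_bin
IUSR_<host_name>: Full Control (All)(All)
\Inetpub\Wwwroot\_vti_bin\Shtml.exe
IUSR_<host_name>: Full Control (All)
\Inetpub\Wwwroot\_vti_pvt
IUSR_<host_name>: Special Access (RWXD) (RWD)
"""
CURRENT_STYLE = r"""
\Inetpub\Wwwroot\_vti_bin
IUSR_<host_name>: Read (RX)(RX)
The Installing Account: Read (RX)(RX)
\Inetpub\Wwwroot\_vti_bin\Shtml.dll
IUSR_<host_name>: Read (RX)
\Inetpub\Wwwroot\_vti_pvt
IUSR_<host_name>: Special Access (RWXD) (RWD)
"""

def parse_listing(text):
    """Return {path: {account: [permission set, ...]}} for a listing."""
    acls, path = {}, None
    for line in map(str.strip, text.splitlines()):
        if line.startswith("\\"):              # path line
            path = line.split(" (", 1)[0]      # drop a trailing "(If ...)" note
            acls[path] = {}
        elif path and ":" in line:             # "ACCOUNT: Name (dir)(file)"
            account, rights = line.split(":", 1)
            sets = re.findall(r"\(([^)]*)\)", rights)
            if sets:
                acls[path][account.strip()] = sets
    return acls

def grants_write(perm_set):
    """True if a set such as 'RWXD' or 'All' lets the account write or delete."""
    return perm_set == "All" or (perm_set.isupper() and bool(set("WD") & set(perm_set)))

def writable_executable_paths(acls, trusted=("Administrators", "SYSTEM")):
    """List (path, account, sets) where a non-trusted account can write in _vti_bin."""
    findings = []
    for path, aces in acls.items():
        if "_vti_bin" not in path.lower().split("\\"):
            continue                           # only the executable tree
        for account, sets in aces.items():
            if account not in trusted and any(map(grants_write, sets)):
                findings.append((path, account, sets))
    return findings

if __name__ == "__main__":
    for name, listing in (("FrontPage 1.1 style", FP11_STYLE), ("current", CURRENT_STYLE)):
        print(name, writable_executable_paths(parse_listing(listing)))
```

The _vti_pvt entry is parsed but not reported, because the check is limited to the executable tree.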