开发者

Best place to keep user uploaded aspx file in asp.net application

In my asp.net application, user can send/upload aspx files & those files can be accessed by the users later(there need to implement code level security as it would be better to run the application with minimal permission). So now I need to store these files &开发者_StackOverflowamp; where is the better place to store in it. Shall I create a folder giving low permission inside the current project? or shall I create separate virtual directory like "www.mydomain.com/files" & place in it. I want to prevent the restarting of application domain also.

What is the best option to handle this situation?


How much interaction do you need between your application & uploaded aspx files? If no interaction is needed or interaction can be handled via out of process store such as database then I will recommend you have have a separate application (and virtual directory) where these files would be placed. This application should be configured to use different app pool and you use user account with minimal security permissions to run this app pool. Note that being different application, your web application would be completely isolated from this app but it also means you cannot share ASP.NET session/app state but you need to resort to say database to share the data.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜