I have a code which is similar this:
string file;
using (StreamReader r = new StreamReader("xml.xml"))
{
file = r.ReadToEnd();
}
XElement xml = XElement.Parse(file);
using (XmlWriter w = XmlWriter.Create("xml.xml")) //The point of problem!
{
w.WriteStartDocument();
...;
w.WriteEndDocument();
}
When I try run it like a console application is everything all right. But problems start when I want to use it in an ASP.NET application. At the using line it throws UnauthorizedAccessException exception with a description "access to the path is denied". Why?
You need to check which account your application Pool is using to access your server files/folders, for example, make one code to copy one file to application folder, check all security info, copy and paste on this problem folder, normally use this account "IIS_IURRS" give full control to test only...
If IIS/the web server is configured correctly, an account with a very limited set of permissions is used. As your path points to the application directory, it is very likely that the application pool account is not allowed to write to this location.
If you run the code in a console application, your user's permissions are applied and it is more than likely that you are allowed to write to the output folder of the project as Visual Studio writes the build output there under your account.
I would not recommend to change the application pool account or the permissions of the application folder in the file system - it is a very sensible limitation that limits the amount of trouble an attacker can possibly make.
Therefore I'd recommend to either move the file to a folder that the account can write to without changing permissions or define a special one outside of the application folder hierarchy that the account is given permissions to.
Also keep in mind that multiple users might access the file at the same time, so a database might be a better choice to store the data.
Related
So I have a problem in my ASP.NET MVC application, it doesn't want to save the xml file after I publish it. I have a form which I post to a controller using ajax, and then I use that data to create an xml file which i then want to save.
I use the following code to generate my xml file and save it:
XmlDocument xmlDoc = new XmlDocument();
xmlDoc.LoadXml(rawXml);
StreamWriter path = new StreamWriter(Server.MapPath("/"+ fileName + ".xml"));
xmlDoc.Save(path);
If I run my application in debug It writes the file to ~/MySolution/MyProject/MyFile, no problem.
So when I publish the app to the IIS 7 server on my computer and load the app through localhost/MyApp, I expect it to write the file to C:\inetpub\wwwroot\MyApp\MyFile but it doesn't.
I have enabled permissions to the folder inetpub and all the subsequent folders for NETWORK SERVICE. But the AJAX post keeps returning in Error and the file doesn't appear in the folder, so I assume it's not allowing to write the file to the specified path, or the path is incorrect, ether way I don't know how to check what's gone wrong.
How do I make the published app write the xml file to the C:\inetpub\wwwroot\MyApp\MyFile path?
First of all it's not recommended to write any files in the root folder as writing to root folder cause appdomain to recycle after certain number of writes (default is 15) causing session loss. See more details here.
I would suggest you to add a path of your server to web.config and then fetch it in your code.Use something like below in the appsettings section of web.config
<add key="filePath" value="C:\inetpub\wwwroot\MyApp" />
Regarding the permissions please add Users group to your folder and give that group full permission (read/write).
To further find out which specific user (as there are too many use cases) is used by w3wp you can use process monitor as explained below
Capture Process Monitor log while reproducing issue
Filter on Access Denied
No Access Denied, so filter on w3wp.exe
Look for access to 401-3.htm
Review entries before the 401-3.htm to determine what file was accessed last
Check permissions based on successful QuerySecurityFile operation for last file accessed (in this case was asp.dll)
I have a web service that is trying to write a file to a file share.
The application pool for the site in iis is running as a custom domain account: "domain\domainaccount"
I'm operating under the assumption and hope that when the code tries to write the file it will use the "domain\domainaccount" user to do so.
Executing the following line of code produces the error: Access to the path [filename] is denied
FileStream stream = File.Create(fileName, result.Length);
I have confirmed that the "domain\domainaccount" account has access to [filename] which is the full path of the file including the file name. I have even given the account access from the very top of the share structure, not just the specific folder the file needs to be written to. In fact, if I run notepad as "domain\domainaccount" I can save a file to that exact location.
What might I be doing incorrectly? Is it not using the domain account to write the file? If not, can I change something so that it does?
I should note that if I log into the iis server and run the web service from there, I do not get the access denied message and the file is created.
Im trying to get the Users/Shared folder location in Mac so that i can write common user data(license) to it.I tried using
System.IO.Path.Combine (Environment.GetFolderPath (Environment.SpecialFolder.CommonApplicationData));
But its returning the folder in which I'm logged in.I know that i need to place the common application data in the Application Support folder but i think root privilege is required for this.If there is a better way to write to that folder,please suggest.
UPDATE:
I tried doing
File.Copy ("myfile.rtf", "Users//Shared//ll.txt");
But i get this exception >> Destination directory not found: Users/Shared
In OS X the directory is simply /Users/Shared, and it's directly off the root of the volume. There's no need to do Environment.GetFolderPath...
If you want to have user data or application data that can be shared by multiple users (read+write) you'll either want to create your own directory:
/Users/Shared/MyApp
and/or you can use:
/Users/Shared/Library/Application Support/MyApp
This way your application can share user data and application settings with all users. The /Library/Application Support folder (not to be confused with the one shared one), is owned by the system and anything that needs to write to it must obtain permission. The contents are read only, even for admin level users — something you'll want to consider when deciding where to store shared application data.
I have created a .msi by using VS2008 setup project. My application frequently writes some value in a .txt file in the application directory (C:\Program Files\MyApp\MyFile.txt). After insalling it in Win7, it raises an exception "Access to the path .... is denied."
But whenever I run it as administrator, no such exception occurs. Here is my sscce
string FilePath=Application.StartupPath + #"\AppSettings\CurrentUserName.inf";
using (StreamWriter writer=new StreamWriter(FilePath,false))
{
writer.Write(txtLoginName.Text.Trim());
}
MainForm.ProcessLogIn();
this.DialogResult = DialogResult.OK;
I don't know how to solve this problem. Any suggestion?
Move your file out of Program Files directory. In Win7 is readonly for normal users.
You could move the file in the ProgramData directory.
Your installer should create a directory for your application there.
Then inside your code you could retrieve the correct full pathname using these lines of code
string dataPath = Environment.GetFolderPath(Environment.SpecialFolder.CommonApplicationData));
string appFile = Path.Combine(dataPath, "MyAppDir", "MyFile.txt");
usually (on Win7) this result in a path like this
c:\programdata\MyAppDir\MyFile.txt
but using the SpecialFolder enum you are guaranteed to use a folder available in readwrite to your application not depending on the current operating system.
The only way to solve this problem is to not write to that folder. You are not allowed to write to that folder by convention, unfortunately, older versions of Windows did not hold you to this.
Instead, you can use Environment.SpecialFolder to help you find where you need to go:
// your application data for just that User running the app
var perUserAppData = Environment.GetFolderPath(
Environment.SpecialFolder.ApplicationData);
// your application data for ALL users running the app
var allUsersAppData = Environment.GetFolderPath(
Environment.SpecialFolder.CommonApplicationData);
// better!
var path = Path.Combine(perUserAppData, #"MyApp\MyFile.txt");
Basically, Windows 7 is telling you that you're going to have to stop driving on the sidewalks and use the street as was intended.
As a short-term fix, you can use ICACLS to grant write access to the file. Note: NOT the whole directory.
As a longer term fix, you should NOT write to the program directory if you are running as unprivileged users, but instead somewhere like %LOCALAPPDATA% or %APPDATA%.
In my .net windows application am using a xml file .
But after installing the application by creating setup, while I am running that 'Access Denied' to that xml file message is shown.
I am using System.IO.File methods for doing file operations.
If any body knows the solution pls share.
Write access to program directory has been more and more restricted (starting with XP/Vista) since that is a secruity risk!
I would suggest to have the "base version" of that file readonly in your program directory...
Upon start of your app you check whether it is present in ApplicationData or LocalApplicationData or CommonApplicationData - (to get the real path at runtime use Environment.GetFolderPath). If it is not there then copy it there - in those locations your application has write access by default with no need for Administrator rights.
Program Files folder has limited access and can be modified by Administrator account. I would suggest you to save your xml file in *C:\Users\YourPCName\AppData\Local\YourAppFolder* .
This way you will be able to access and modify the file
I had this problem once so I used Isolated Storage and that fixed my problem. It may or may not work for you depending on the nature of your situation, but here's a quick tutorial on how to use it:
http://www.codeproject.com/KB/dotnet/IsolatedStorage.aspx