Hi,
i want to give a client ftp-access to a www-directory on a server 2012r2.
The www use the app-pool-identity, the app-pool-identity is a local account which is only in the guest-group. The account has full access to the www-directory.
So far so good. The website works, but when i use the filesystem-object i can access all folders on the server where the app-pool-identity is not explicit denied. It´s not possible to read files, but enumerate the folders.
I never tried that until today and it confuses me. What is the best practise for this?
Regards
Matze