为什么当我的 IIS 工作人员在 ASP.NET 中保存文件时权限不稳定?
[英]Why are permissions wonky when my IIS worker saves a file in ASP.NET?
问题描述
IIS 8, ASP.NET MVC 4, .NET 4.5 
IIS 8、ASP.NET MVC 4、.NET 4.5
private static string SaveProfilePicFile(UserProfileViewModel model)
{
var tempFilename = Path.GetTempFileName();
model.ProfilePic.Profile.UploadedFile.SaveAs(tempFilename);
var staticContentFilename = Helpers.GetStaticContentFilename(
StaticContentType.Avatar, model.ProfilePic.Profile.UserId);
var destinationFilename = Path.Combine(
ConfigurationManager.AppSettings["StaticContentPath"],
"profile",
staticContentFilename);
if (File.Exists(destinationFilename))
File.Delete(destinationFilename);
if (!HasJpegHeader(tempFilename)) // convert temp file into JPG
{
using (var image = new Bitmap(tempFilename))
image.Save(destinationFilename, ImageFormat.Jpeg);
File.Delete(tempFilename);
}
else
{
File.Move(tempFilename, destinationFilename);
}
return staticContentFilename;
}
I'm not interested in a code review, I know things could be done better.我对代码审查不感兴趣,我知道事情可以做得更好。 Right now I've hit an unusual problem.现在我遇到了一个不寻常的问题。 StaticContentPath points to c:\\inetpub\\wwwroot\\static.domain.com , which is being served by a different application pool which is configured to disable scripting and cache things heavier. StaticContentPath指向c:\\inetpub\\wwwroot\\static.domain.com ,它由不同的应用程序池提供服务,该应用程序池配置为禁用脚本并缓存更重的内容。 If I manually place a file in the static content folder, it will serve correctly.如果我手动将文件放在静态内容文件夹中,它将正确提供。 If the above code (from a different application pool) saves a file there, the permissions are very unusual.如果上面的代码(来自不同的应用程序池)在那里保存了一个文件,则权限非常不寻常。 I'll attach screenshots.我会附上截图。
The "default" file is one I pasted manually. “默认”文件是我手动粘贴的文件。 It properly inherited permissions from the parent folder.它从父文件夹正确继承了权限。 The hashed filename was saved by the above code, and it does not inherit permissions properly.散列文件名是由上面的代码保存的,它没有正确继承权限。 When I attempt to access the file, I get a very basic error message from IIS, the entirety of which is "The page cannot be displayed because an internal server error has occurred."当我尝试访问该文件时,我从 IIS 收到一条非常基本的错误消息,整个错误消息是“页面无法显示,因为发生了内部服务器错误”。 No styling, nothing I'm used to seeing with IIS errors.没有样式,我不习惯看到 IIS 错误。 If I manually add read permissions to the IIS_IUSRS account everything works as I'd expect.如果我手动向 IIS_IUSRS 帐户添加读取权限,一切都会如我所愿。
Why is this happening, what can I do to mitigate it, and does my code need to be updated?为什么会发生这种情况,我可以做些什么来缓解它,我的代码是否需要更新?
1 个解决方案
解决方案1
2 已采纳 2014-04-17 15:51:54
I suspect the problem is with the use of Path.GetTempFileName followed by File.Move .我怀疑问题在于使用Path.GetTempFileName后跟File.Move 。 When the uploaded file is saved to tempFilename , the temporary file gets whatever permissions are assigned to the temporary folder.当上传的文件保存到tempFilename ,临时文件将获得分配给临时文件夹的任何权限。 Moving the file preserves those permissions as is instead of recalculating the inheritable permissions based on the destination.移动文件会按原样保留这些权限,而不是根据目标重新计算可继承的权限。
Instead of File.Move , try using File.Copy followed by File.Delete :而不是File.Move ,尝试使用File.Copy后跟File.Delete :
//File.Move(tempFilename, destinationFilename);
File.Copy(tempFilename, destinationFilename);
File.Delete(tempFilename);
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.