Thursday
May272004
How to Shoot Yourself in the Foot
Thursday, May 27, 2004 at 12:10PM
Kids, don't program tired. And don't try to fix things when you are tired. Otherwise you'll do stuff like what I just did. I've been trying to get a Wiki to work on my office PC. FlexiWiki, the wiki I'm using (by the way - wikis are great) is run by a bunch of Active Server pages. So I copy all the files onto the web root on my office PC and try to fire them up. I get a page not available error in the browser.
Ho hum. All of my asp pages are broke. So I Google the item in the event log and sure enough, a security patch has changed the protection such that you have to give the ASPNET account more access when it runs. OK. I'm equal to that, but setting file and directory protection is something I use the cacls program for. It is a command line program and very dangerous in the wrong hands - i.e. mine.
I have to give the ASPNET account permissions in a variety of directories, including System32. OK, so I work out the commands that I need and I type them in for each directory. And then my cacls program stops working. Along with lots of other commands. This is bad. Very bad. My machine is becomming a paperweight before my eyes. And then I remember. If you don't use a special option to cacls (the /E option) it doesn't add the new settings to the directory, it replaces them. So, the only person who can now look in the System32 directory is ASPNET. And he is not logged in at the moment. And the cacls program lives in, wait for it, System32!
So, I can't run the only program that I can use to fix the problem that I have made for myself. I think I said a dirty word at this point. The only ray of light is that I'm doing this from home, using Remote Desktop. I therefore have on my home PC a proper copy of cacls which I promptly email myself at my office. Once I have the program somewhere I can run it, things can be got back to normal and all my commands brought back from the grave.
And now I'm going to bed......
Ho hum. All of my asp pages are broke. So I Google the item in the event log and sure enough, a security patch has changed the protection such that you have to give the ASPNET account more access when it runs. OK. I'm equal to that, but setting file and directory protection is something I use the cacls program for. It is a command line program and very dangerous in the wrong hands - i.e. mine.
I have to give the ASPNET account permissions in a variety of directories, including System32. OK, so I work out the commands that I need and I type them in for each directory. And then my cacls program stops working. Along with lots of other commands. This is bad. Very bad. My machine is becomming a paperweight before my eyes. And then I remember. If you don't use a special option to cacls (the /E option) it doesn't add the new settings to the directory, it replaces them. So, the only person who can now look in the System32 directory is ASPNET. And he is not logged in at the moment. And the cacls program lives in, wait for it, System32!
So, I can't run the only program that I can use to fix the problem that I have made for myself. I think I said a dirty word at this point. The only ray of light is that I'm doing this from home, using Remote Desktop. I therefore have on my home PC a proper copy of cacls which I promptly email myself at my office. Once I have the program somewhere I can run it, things can be got back to normal and all my commands brought back from the grave.
And now I'm going to bed......
Rob | Post a Comment |
Reader Comments