Hi i am installing a prestashop framework on an IIS and as you may know it asks for some directories to be accessible for writing.
I gave the permissions as needed and continued to install but due to further modules and themes installations i got errors due to not enough permissions.
I reversed every thing and on the second try i gave IUSR full control on the parent directory of prestashop to not have anymore problems.
Note this is a test version for now.
Q1: Is it ok to leave IUSR with full control permissions or will it be vulnerable?
Note also that the site will be secured.
The other idea i have is, giving full control until complete installation than leave with write access only those directories that prestashop writes to such as ~/cache etc...
Q2: Will directories with write access on IUSR be vulnerable for, for example code injection?
Thanks
Copyright Notice:Content Author:「Combinu」,Reproduced under the CC 4.0 BY-SA copyright license with a link to the original source and this disclaimer.
Link to original article:https://stackoverflow.com/questions/40670536/windows-iis-permissions-for-prestashop