Click to return to the Microsoft FrontPage home page    
Web Workshop  |  Languages & Development Tools  |  Microsoft FrontPage

UNIX Security Overview

Microsoft Corporation

Updated April 15, 1999

In Microsoft® FrontPage®, there are three kinds of users defined for every FrontPage-extended web: administrators, authors, and browsers (site visitors). Permissions are cumulative: all authors also have browsing permission, and all administrators have authoring and browsing permissions.

Each FrontPage-extended web (including each subweb) contains copies of three executable CGI scripts. These scripts are created in folders below the top-level folder of a FrontPage-extended web: admin.exe for administrative tasks, author.exe for authoring webs, and shtml.exe for browse-time components such as form handlers. FrontPage performs all authoring and administrative tasks by sending HTTP POST requests to these scripts.

Authors, administrators, and browsers of FrontPage-extended webs are listed in the Web server's access file by specifying users who can POST to these scripts:

In FrontPage, the list of administrators, authors, and browsers is defined for each FrontPage-extended web. Each FrontPage-extended subweb either inherits the permissions (list of administrators, authors, and browsers) of its parent web or uses its own unique permissions. As with all other CGI programs, the FrontPage Server Extensions can be run only if they are stored in directories that are marked as executable.

The FrontPage Server Extensions are stored in three directories below the root of every FrontPage-extended web:

/FrontPage-extended web root

      /_vti_bin

            shtml.exe

            /_vti_adm

                  admin.exe

            /_vti_aut

                  author.exe

The server's configuration file needs to be modified to mark _vti_bin, _vti_adm, and _vti_aut as executable directories. You initiate and control this operation using Fpsrvadm, the FrontPage server administrator utility.

To reduce the total amount of disk space needed to support FrontPage-extended webs, the FrontPage-based executable files stored in the various _vti_* directories are stub executable files. They each invoke a full executable file installed in the directory /usr/local/frontpage/version4.0/exes.


Back to topBack to top

Did you find this material useful? Gripes? Compliments? Suggestions for other articles? Write us!

© 1999 Microsoft Corporation. All rights reserved. Terms of use.