Sunday, February 01, 2004

Governance is a concept that encompasses the idea of security around a portal deployment. It is a pretty broad idea that covers many different areas. One of these areas is the types of files that are supported for upload and download within Windows Sharepoint Services (WSS). By default, WSS provides the ability to restrict certain kinds of files, based on their extensions from being added to the document store. For example, one of the default extensions blocked is any file with the extension “.exe”. Additionally, WSS will also block multiple combinations of this extension for example, the following are also blocked.

Myfile.exe. (period at the end)
Myfile.exe.{1234.4567} (appended string)
Myfile.exe::extraInfo (additional append with a ::)

When you install SharePoint the following is the default list of extensions that blocked.

 

Ade, adp, app, asa, asp, bas, bat, cdx, cer, chm, class, cmd, com, cpl, crt, csh, dll, exe, fxp, hlp, hta, htr, htw, ida, idc, idq, ins, isp, its, jse, ksh, lnk, mad, maf, mag, mam, maq, mar, mas, mat, mau, mav, maw, mda, mdb, mde, mdt, mdw, mdz, msc, msi, msp, mst, ops, pcd, pif, prf, prg, printer, pst, reg, scf, scr, sct, shb, shs, shtm, html, stm, url, vb, vbe, vbs, wsc, wsf, wsh

 

This list of controlled extensions are blocked on the entire farm and maintained by the SPS configuration database.

 

Last week I was working with a customer on a project that required the upload of a blocked extension (.asp) type for their Intranet portal. The maintenance of these file types are controlled through a central administration screen called “Managed Blocked File Types” that can be accessed as the Sharepoint Administrator through the following ways.  

 

From the SharePoint Console:

  1. Select Start -> Administrative Tools -> Sharepoint Central Administration
  2. Select Security Configuration
  3. Click Manage blocked file types.

From the Main Portal Page

 

  1. Select Site Settings from the from portal page
  2. Select SharePoint Portal Server Central Administration
  3. Select Windows SharePoint Server Central Administration
  4. Select Manage Blocked File Types.

From within the “Manage Blocked File Types” they are managed by:

  1. Deleting the extension that you want to allow
  2. Typing the extension that you want to restrict

It is important to remember that this should not be done lightly and should always accompany a serious discussion about possible security implications within your portal governance structure. I wouldn’t argue that there is valid reason, but always review and understand any possible security implications that may result in this.


3:38:08 PM    

Today's trivia question -

What is the maximum database size supported by SQL Server 2000?

I spent a fair amount of time looking for the answer. I found a few different answers but the most consistent answer that I found is what I am going to go with.

-Max. Database size: 1,048,516 TB
-Max. file size: 32 TB

If you have a better answer please let me know!

 


1:07:25 PM    

© Copyright 2004 Thom Robbins .
Last update: 6/28/2004; 6:44:22 PM .

Click here to visit the Radio UserLand website. Valid CSS! Subscribe to "SharePoint Tips and Tricks" in Radio UserLand. Click to see the XML version of this web page. Click here to send an email to the editor of this weblog.