I was recently writting an ASP online file editor so i could edit my site from within its pages and i stumbeled upon the ability to view every file/folder that currently exists on the servers hard-drive includeing other drives on the server. It is quite easy to view the code on any webpage including asp. it is also able to chanbe the file, delete it, download it and create/remove directorys. I would also like to point out that some folders are "Permission Denied" but as for ones that are used for FTP and so fourth give me full read acces and most give me write access. I've tested this on BRINKSTER.COM and it works. I've notified most Servers that allow ASP about this. Is there a way to actuall stop people from doing this????

Ive attached the page i created in hopes that someone can give me an idea if this is fixable or not.

I also posted this incase a viewer might know of any other ASP providing websites and would like to notify them of this. If so i would like to have, at least, my name mentioned to them. - Zach Szafran