Re: NTFS inherited permissions bug on W2K
From: Jeremy Epstein (jepstein@WEBMETHODS.COM)
Date: 10/12/01
- Previous message: Russ: "URLScan and IIS Lockdown details for Exchange and OWA"
- In reply to: Tony Thai: "Re: NTFS inherited permissions bug on W2K"
- Next in thread: Ondřej Tučný: "Re: NTFS inherited permissions bug on W2K"
Message-ID: <NDBBICMMIMLFAPJFOHEBCEKOEJAA.jepstein@webMethods.com>
Date: Fri, 12 Oct 2001 14:08:28 -0400
From: Jeremy Epstein <jepstein@WEBMETHODS.COM>
Subject: Re: NTFS inherited permissions bug on W2K
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
At the risk of igniting a flame war, I'll point out that ambiguities like
this in policies are EXACTLY the reason that vendors are required to have a
statement of the access control policy as part of getting a C2 evaluation.
Trying to write down the policy, with all its variations (such as what
happens when a rename occurs), is sometimes surprisingly difficult, and
helps vendors appreciate why customers don't understand how to use systems
safely.
As an example, I'll mention that Novell NetWare had pieces of its access
control policy described in several places throughout the manuals. But
there was no place that described how the pieces fit together. As part of
the C2 evaluation, we wrote a detailed statement of the access control
policy. Spelling it out explicitly helped us find some ambiguities and even
a couple of security holes, which were subsequently fixed.
So anyone who says that C2 has no value should be aware that problems like
this NTFS file permissions issue are supposed to be addressed as part of the
evaluation.... and probably don't get addressed any other way.
--Jeremy