Re: NTFS inherited permissions bug on W2K

From: Grant, Lynn (Lynn.Grant@CA.COM)
Date: 10/12/01 

Message-ID:  <2D0C70C401A8D311A7CD009027AA3D7E06ECEAB9@usilms06.ca.com>
Date:         Fri, 12 Oct 2001 15:06:51 -0400
From: "Grant, Lynn" <Lynn.Grant@CA.COM>
Subject:      Re: NTFS inherited permissions bug on W2K
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM

============================================================================
Delivery co-sponsored by GFI Software
============================================================================
LANguard Security Event Log Monitor offer!

Catch hackers red-handed with LANguard S.E.L.M.! Provides intrusion
detection through centralized NT/2000 security event log monitoring.
Extensive reporting identifies all machines being targeted & local users
trying to hack. Download your FREE starter pack today:
http://www.gfisoftware.com/stats/adentry.asp?adv==107&loc=1
============================================================================
List message follows...

While the C2 evaluation process had its problems, I have to agree with Jeremy about its value in defining the behavior of the system.

It a sad fact that in any complex software system that has evolved over the years, and has had any degree of turnover its development staff, there are behaviors caused by interactions between the components of the system that are not defined...they just happen. The design analysis and documentation required by the evaluation process really helps to nail down these behaviors.

I was on a C2 evaluation several years ago, and ran into (and fixed) all sorts of unexpected behaviors in our product.

Lynn Grant
Computer Associates
Programmer
DB2 Analyzers Lab
tel: +1 630 505-6450
fax: +1 630 505-6410
lynn.grant@ca.com <mailto:lynn.grant@ca.com>

Relevant Pages