Re: Desktop.ini file ignored by Windows Encryption...

From: Adam Piggott (adam_at_PROACTIVESERVICES.CO.UK)
Date: 11/08/04

    Date:         Mon, 8 Nov 2004 19:47:02 +0000
    To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
    
    


    Scott Lockington wrote:
    | Hello All,
    |
    | In working with Windows EFS (i.e. 2000 sp4 and XP sp2) Any file named
    | "desktop.ini" is ignored when encrypting the containing directory with EFS.
    | The contents of this file are not verified to be that of a valid desktop.ini
    | file, instead it can contain anything. Any file dropped named desktop.ini
    | could avoid requiring decryption at a later date. Abuses of such an exclusion
    | are left as an exercise for the reader.

    Are you creating the desktop.ini before applying encryption to its parent
    directory?

    I think you'll find in that case the "Folder Settings" directory and its
    contents are not encrypted either. As they're all set as system and hidden
    they don't show up unless you (for some reason) have Explorer set to show
    protected OS files.

    <Example one>

    C:\>mkdir test

    C:\>cipher /e test

    ~ Encrypting directories in C:\

    test [OK]

    1 directorie(s) within 1 directorie(s) were encrypted

    C:\>echo woo > test\file.txt

    C:\>echo yay > test\desktop.ini

    C:\>cipher test\*

    ~ Listing C:\test\
    ~ New files added to this directory will be encrypted.

    E desktop.ini
    E file.txt

    </Example one>

    The above example, which shows that encryption *is* applied, is also true if
    you create a directory, encrypt it, then apply directory customisations.

    <Example two>

    C:\>cipher /h test\*

    ~ Listing C:\test\
    ~ New files added to this directory will be encrypted.

    E desktop.ini
    E Folder Settings

    </Example two>

    Personally, my best practice when it comes to EFS is to encrypt a folder
    before doing anything to it. That way you cannot forget to encrypt one of
    the files later etc.

    Regards,

    Adam Piggott.
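An added example, not part of the original message: a PowerShell check that lists every file or subdirectory under a folder that lacks the EFS Encrypted attribute, including hidden and system items such as desktop.ini and "Folder Settings". The function name `Get-UnencryptedItem` is hypothetical, and `C:\test` in the usage comment is the directory from the transcripts above.

```powershell
# Added example: report items under a folder that do NOT carry the EFS
# Encrypted attribute. Get-UnencryptedItem is a hypothetical helper name.
function Get-UnencryptedItem {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)]
        [string]$Path
    )

    $root = Get-Item -LiteralPath $Path -Force -ErrorAction Stop
    if (-not $root.PSIsContainer) {
        throw "'$Path' is not a directory."
    }

    $encrypted = [System.IO.FileAttributes]::Encrypted
    $hidden    = [System.IO.FileAttributes]::Hidden
    $system    = [System.IO.FileAttributes]::System

    # If the folder itself is not marked, files created in it later are
    # not encrypted automatically, so flag that first.
    if (-not $root.Attributes.HasFlag($encrypted)) {
        Write-Warning "$($root.FullName) is not marked for encryption."
    }

    # -Force is what makes hidden + system items visible; without it,
    # desktop.ini and "Folder Settings" are skipped, just as in Explorer.
    Get-ChildItem -LiteralPath $root.FullName -Recurse -Force -ErrorAction SilentlyContinue |
        Where-Object { -not $_.Attributes.HasFlag($encrypted) } |
        ForEach-Object {
            [pscustomobject]@{
                FullName      = $_.FullName
                Kind          = if ($_.PSIsContainer) { 'Directory' } else { 'File' }
                Hidden        = $_.Attributes.HasFlag($hidden)
                System        = $_.Attributes.HasFlag($system)
                LastWriteTime = $_.LastWriteTime
            }
        }
}

# Usage (path taken from the transcripts above):
#   Get-UnencryptedItem -Path 'C:\test' | Format-Table -AutoSize
# No output means every item under the folder carries the Encrypted attribute.
```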

    
