RE: Windows 2000's Everyone permission
From: Chris Davis (chris.davis@computerjobs.com)Date: 08/23/01
- Previous message: Jim Hammar: "NT4 User List"
- Maybe in reply to: phoebe: "Windows 2000's Everyone permission"
- Next in thread: Laura A. Robinson: "Re: Windows 2000's Everyone permission"
- Next in thread: Erik Osterholm: "Re: Windows 2000's Everyone permission"
- Reply: Laura A. Robinson: "Re: Windows 2000's Everyone permission"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Message-ID: <9B66343BA96A5D4A9D6FBC00181A747D54C9FB@exchange1> From: Chris Davis <chris.davis@computerjobs.com> To: 'John Wienand' <JWienand@bna.com>, "'FOCUS-MS@securityfocus.com'" <FOCUS-MS@securityfocus.com> Subject: RE: Windows 2000's Everyone permission Date: Thu, 23 Aug 2001 13:19:20 -0400
"What added security measure do you get from this extra administrative
task?"
This one: If a user cannot connect to a share at all, that user does not
know what's in the share.
If that reason doesn't work for you, how about philosophical: If share
permissions are not to be used, why do they exist?
Lots of documentation is wrong lots of times. This is one of those times.
Let's say your NT file server is attached to the internet and has "Everyone
Full Access" shares defined, but you have perfectly secure NTFS permissions.
You do not run any services other than file sharing. By your logic, you do
not need a firewall. You can leave ports 137-139 and 445 wide open? NTFS
will secure everything, right? A firewall would add no protection, since
NTFS is perfectly secure, right?
- Previous message: Jim Hammar: "NT4 User List"
- Maybe in reply to: phoebe: "Windows 2000's Everyone permission"
- Next in thread: Laura A. Robinson: "Re: Windows 2000's Everyone permission"
- Next in thread: Erik Osterholm: "Re: Windows 2000's Everyone permission"
- Reply: Laura A. Robinson: "Re: Windows 2000's Everyone permission"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
