Re: EFS not secure on LAN -- if accurate it is a BUG
From: Herb Martin (news_at_LearnQuick.com)
Date: 07/31/03
- In reply to: Rob Rohrbough: "Re: EFS not secure on LAN"
Date: Wed, 30 Jul 2003 21:46:32 -0500
> I saw it happen. While I am new to EFS and make mistakes
> like everyone else, I tried this several times. Today, I
> was able to export, delete, and import the certificate for
> EFS. It was installed in my Personal store. When the
> certificate was present there anyone who had NTFS
> permission to the folder could see the file's data; when
> the certificate was not there (after a reboot) no one
> could access the data even if they had access to the
> folder and file. Before a reboot, even without the
> certificate in the store, apparently some kind of cache of
> the certificate was still allowing people to see the data.
Then it's a serious bug -- be sure to report it.
What I understand about the scenario:
1) Owner of the file accesses the file (over the net)
2) While (or after) this access OTHERS with mere
permissions can read the file while the key is at the server
3) Reboot clears the key from server -- stops uncertificated access
That's a bug.
Sure you can use NTFS permissions to prevent the access but
the key alone should do that.
What should happen even with permission:
Example: Someone other than the owner (who is also not a
Recovery Agent) has Full Control of an encrypted file. Tries
to access that file -- denied as if it were a permission issue.