Re: Workstation C: security settings
From: Lanwench [MVP - Exchange] (lanwench_at_heybuddy.donotsendme.unsolicitedmail.atyahoo.com)
Date: 02/27/04
- Next message: Steven Umbach: "Re: Domain Authentication"
- Previous message: Steven Umbach: "Re: Password Change Policy"
- In reply to: Dave: "Workstation C: security settings"
- Next in thread: Dave: "Re: Workstation C: security settings"
- Reply: Dave: "Re: Workstation C: security settings"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 26 Feb 2004 20:53:39 -0500
If you don't want to go through the whole boatload of folders/subfolders,
the best way to secure you system is not to grant users local admin rights -
this will stop them installing (most) software, which is often enough.
Dave wrote:
> Hi,
>
> We have a win2k domain with winXP workstations. The security
> settings on the winXP C: are as follows.
>
> Administrator - Full Control: This folder, subfolders and files
> CREATOR OWNER - Full Control: Subfolders and files only
> Everyone - Read & Execute: This folder only
> SYSTEM - Full Control: This folder, subfolders and files
> Users - Read & Execute: This folder, subfolders and files
> Users - Create Folders / Append Data: This folder and subfolders
> Users - Create Files / Write Data: Subfolders only
>
> I find that this allows the user to use pretty much all of the C
> drive to write data to, including installing programs(not in Program
> Files). Is this a security risk? If yes, what recommendations can I
> follow to tighten up the security?
>
> Thanks!!!
> Dave
- Next message: Steven Umbach: "Re: Domain Authentication"
- Previous message: Steven Umbach: "Re: Password Change Policy"
- In reply to: Dave: "Workstation C: security settings"
- Next in thread: Dave: "Re: Workstation C: security settings"
- Reply: Dave: "Re: Workstation C: security settings"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
