Re: Workstation C: security settings

From: Steven L Umbach (n9rou_at_nospam-comcast.net)
Date: 02/27/04

• Next message: A.Chakkaravarthi: "Access to recover data from NTFS partition - Windows 2000"
• Previous message: Steven L Umbach: "Re: bypass login every boot - right to desktop"
• In reply to: Dave: "Workstation C: security settings"
• Next in thread: Dave: "Re: Workstation C: security settings"
• Reply: Dave: "Re: Workstation C: security settings"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Fri, 27 Feb 2004 03:42:32 GMT

Not necessarily. It is much more locked down than W2K which gave the everyone group
too many permissions to the root folder. If you do not want regular users to add
folders and files to the root folder/subfolders then just give them read/list/execute
permissions. Keep in mind they still can write folder/files to their user profile -
my documents, etc. If you want to further lock down the computer/users look into
using Software Restriction Policies in XP Pro. --- Steve

http://support.microsoft.com/?kbid=310791

"Dave" <dave@dave.com> wrote in message news:uvCTHXK$DHA.1036@TK2MSFTNGP10.phx.gbl...
> Hi,
>
> We have a win2k domain with winXP workstations. The security settings on
> the winXP C: are as follows.
>
> Administrator - Full Control: This folder, subfolders and files
> CREATOR OWNER - Full Control: Subfolders and files only
> Everyone - Read & Execute: This folder only
> SYSTEM - Full Control: This folder, subfolders and files
> Users - Read & Execute: This folder, subfolders and files
> Users - Create Folders / Append Data: This folder and subfolders
> Users - Create Files / Write Data: Subfolders only
>
> I find that this allows the user to use pretty much all of the C drive to
> write data to, including installing programs(not in Program Files). Is this
> a security risk? If yes, what recommendations can I follow to tighten up
> the security?
>
> Thanks!!!
> Dave
>
>

• Next message: A.Chakkaravarthi: "Access to recover data from NTFS partition - Windows 2000"
• Previous message: Steven L Umbach: "Re: bypass login every boot - right to desktop"
• In reply to: Dave: "Workstation C: security settings"
• Next in thread: Dave: "Re: Workstation C: security settings"
• Reply: Dave: "Re: Workstation C: security settings"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: Workstation C: security settings ... too many permissions to the root folder. ... > We have a win2k domain with winXP workstations. ... The security settings on ... (microsoft.public.win2000.active_directory) Re: Workstation C: security settings ... too many permissions to the root folder. ... > We have a win2k domain with winXP workstations. ... The security settings on ... (microsoft.public.windowsxp.security_admin) Re: Hidden folders with NTFS ... For example, all users can access a root folder, but only ... Here is a link to Microsoft explaining Access-based Enumeration. ... System Engineer / Education Services / Professional Services ... (microsoft.public.windows.file_system) Re: Everyone permissions ... However many times if you do not use the guests group ... and do not have any applications that need everyone group ... in it on the root folder, or at very least change the permissions to ... read/list/execute for the everyone group on the root folder. ... (microsoft.public.win2000.security) Re: Everyone Group ... The everyone group does have excessive permissions on a default W2K installation ... recommendations to change the permissions on the root folder. ... > following accounts, which for some reason are listed in ALL ... > If the Everyone group DOES include the above All Caps ... (microsoft.public.win2000.security)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint