Re: Workstation C: security settings
From: Dave (dave_at_dave.com)
Date: Fri, 27 Feb 2004 08:55:17 -0800
Steve, I looked at the article that you gave a link to.
Is there a setting under domain Group Policies that does the same?
I'll look more into it and see what I can find.
"Steven L Umbach" <email@example.com> wrote in message
> Not necessarily. It is much more locked down than W2K which gave the
> too many permissions to the root folder. If you do not want regular users
> folders and files to the root folder/subfolders then just give them
> permissions. Keep in mind they still can write folder/files to their user
> my documents, etc. If you want to further lock down the computer/users
> using Software Restriction Policies in XP Pro. --- Steve
> "Dave" <firstname.lastname@example.org> wrote in message
> > Hi,
> > We have a win2k domain with winXP workstations. The security settings
> > the winXP C: are as follows.
> > Administrator - Full Control: This folder, subfolders and files
> > CREATOR OWNER - Full Control: Subfolders and files only
> > Everyone - Read & Execute: This folder only
> > SYSTEM - Full Control: This folder, subfolders and files
> > Users - Read & Execute: This folder, subfolders and files
> > Users - Create Folders / Append Data: This folder and subfolders
> > Users - Create Files / Write Data: Subfolders only
> > I find that this allows the user to use pretty much all of the C drive
> > write data to, including installing programs(not in Program Files). Is
> > a security risk? If yes, what recommendations can I follow to tighten
> > the security?
> > Thanks!!!
> > Dave