Re: c:\winnt\system32\drivers\etc\

Roger, logically you would assume that services and system level contexts
would need access to such files, but I have a nagging feeling that Microsoft
hacked here and may have put some dependencies into specific applications,
in which case those applications might run in a user's context. For
example, have you ever noticed how an nslookup serverx can fail while a ping
serverx can succeed? You get the feeling that some command line utilities
simply bypass DNS lookups and implement their own convoluted proprietary
path through registry entries, files on disk (e.g., the hosts file in
c:\winnt\system32\drivers\etc), etc.

--
Will


"Roger Abell [MVP]" <mvpNoSpam@xxxxxxx> wrote in message
news:#jXSyyhAGHA.3268@xxxxxxxxxxxxxxxxxxxxxxx
> I have a feeling that (as far as Windows is concerned) those files
> are accessed by the network stack (by the system) and not done
> in the user's context. That does not mean there are no applications
> that may have coded in a dependency (although I do not see why).
> (by the way, it is NetBios, not Netbeui, the uses lmhosts).
>
> "Will" <westes-usc@xxxxxxxxxxxxxx> wrote in message
> news:Xe6dnSyg5MLxND3eRVn-sw@xxxxxxxxxxxxxxx
> >I don't want someone with user privileges getting a map of IP and NETBEUI
> > hosts out of the files in that directory.
> >
> > Your answer is clear for services. What about hosts and the
lmhosts.sam?
> > I guess I could just protect those files individually rather than the
> > whole
> > directory.
> >
> > --
> > Will
> >
> >
> > "neo [mvp outlook]" <neo@xxxxxxxxxxxxxxx> wrote in message
> > news:#vB85$KAGHA.436@xxxxxxxxxxxxxxxxxxxxxxx
> >> Considering that the built-in users group only gets read and execute
> > rights
> >> to this folder, what are you trying to accomplish by taking that away?
> >>
> >> To answer your question, we have some applications that look to the
> > services
> >> file to ensure that the port number is listed for their purpose. If it
> >> isn't listed the app doesn't work. So in this case, if a user didn't
> >> have
> >> read rights to that file, they couldn't run our app because the
> > application
> >> wouldn't be able to access the file.
> >>
> >> /neo
> >>
> >> "Will" <westes-usc@xxxxxxxxxxxxxx> wrote in message
> >> news:6LGdnW9_srLKIgLenZ2dnUVZ_tmdnZ2d@xxxxxxxxxxxxxxx
> >> > Does the Windows 200x BUILTIN\Users group need access to
> >> > c:\winnt\system32\drivers\etc\ ?
> >> >
> >> > I would like to restrict access to this group to Administrators and
> >> > SYSTEM.
> >> >
> >> > --
> >> > Will
> >> >
> >> >
> >>
> >>
> >
> >
>
>


.

Quantcast