Default file/folder security permissions for a new user

From: renegade_master_12121@xxxxxxxxxxx
Date: Mon, 12 Jan 2009 07:50:52 -0800 (PST)

In windows xp, I do the following:

Create new user (Bob). Remove bob as a member of the Users group (he
now is a member of no group). Go to some folder on my box. e.g. C:
\randomstuff. Check the security of this. Check the effective
permissions of Bob with respect to this folder (to find out what he
can really do). Bob seems to by default be able to do a lot of things
with this folder "by default". He can do:

Traverse Folder / Execute File
List Folder / Read Data
Read Attributes
Read Extended Attributes
Create Folders / Append Data
Create Files / Write Data
Read Permission

How is this? Why does a new user get to do all this stuff to
anywhere on my box?

Thanks
.

Follow-Ups:
- Re: Default file/folder security permissions for a new user
  - From: Paul Baker [MVP, Windows Desktop Experience]

Prev by Date: Re: ASR Recovery
Next by Date: Re: Default file/folder security permissions for a new user
Previous by thread: ASR Recovery
Next by thread: Re: Default file/folder security permissions for a new user
Index(es):
- Date
- Thread

Relevant Pages

Re: Windows 2003 file sharing and NTFS right
... department for so many shared folder, ... who is under IT Team group and users group. ... server served as file server, I have some problem of the file access ... Bob is put in Both Group1 and users group. ...
(microsoft.public.windows.file_system)
Re: Denials effect all groups and users instead of the one their assigned to.
... Did you remove Everyone permission from the folder? ... But, when I deny Users, it ... >>You are not a member of Users group only if you have ... >>member of User group. ...
(microsoft.public.windowsxp.security_admin)
Re: Enable file and folder sharing for the Users Group
... >>Log on as an administrator, ... > I want to enable the file and folder sharing for the members of the users ... member of power users. ... users group. ...
(microsoft.public.win2000.networking)
RE: Default file/folder security permissions for a new user
... Create new user (Bob). ... Remove bob as a member of the Users group (he ... Go to some folder on my box. ... Traverse Folder / Execute File ...
(microsoft.public.windowsxp.security_admin)
Re: Default file/folder security permissions for a new user
... Let's not talk about random stuff, let's talk about a specific folder. ... Create new user (Bob). ... Remove bob as a member of the Users group (he ... Traverse Folder / Execute File ...
(microsoft.public.windows.server.security)