Re: XP-Home Ed - Sharing & Security?

From: Roger Abell [MVP] (mvpNOSPAM@asu.edu)
Date: 12/31/02 

From: "Roger Abell [MVP]" <mvpNOSPAM@asu.edu>
Date: Mon, 30 Dec 2002 16:55:21 -0700

You are close to correct in the assessment.
However, as was indicated, you can still set NTFS
permissions: either use F8 safe mode, or, use the
cacls commandline utility.

If you set a password on Guest, then that info is
needed for access. If you manipulate the permissions
at the NTFS level of what is being shared, then only
those things with a grant of permissions to Guest or
Guests will be accessible (assuming you have not been
modifying the group memberships of Guest) via the share.

What Home does limit you to in this regard is one flavor
of shared access grant. You can control whether each
individual file is or is not readable or writable, but you
cannot control which person can get to which (they all
map to the same Guest). 

--
Roger
"Bob Macdonald" <bobmacd@bellsouth.net> wrote in message
news:es211vgdddm5903ut8ad0gph5dbkri6afk@4ax.com...
> I have read a large number of posts and MS bulletins, etc., concerning
> security for shared files/folders using WXP. I have come to a
> conclusion that I need validated and a question that I would
> appreciate answered please. Both are based on the fact that in XP-Home
> Edition, "Simple File Sharing" cannot be turned off and therefore
> permissions cannot be set on folders - notwithstanding that they are
> under an NTFS file system. (my setup)
>
> Conclusion: (Am I correct?)
> Unless I upgrade to WXP Professional, shared forders on a (Home) LAN
> cannot be protected with a password as they could in W2K and W98.
>
> Question:
> How great  is the security exposure when such shared folders (files)
> reside on an always-on (DSL Internet access) PC behind a Zone Alarm
> Pro firewall set to highest internet zone level?
>
> If I'm protected, I will save the XP upgrade cost - otherwise I will
> need to upgrade.
>
> Thanks.
>
> Bob Macdonald, Nashville, TN
> bobmacd@bellsouth.net
>
>

Relevant Pages

  • Re: Deny Server Access but Allow Printer and Internet
    ... perhaps I should not have used the word guest. ... and do your best to AVOID having to DENY access. ... access at the NTFS level based upon Group Policy and an OU? ... Some of the permissions I have described above ...
    (microsoft.public.windows.server.active_directory)
  • Re: FTP control
    ... > I would like to use NTFS security settings to control who ... I would suggest getting a third party FTP server, ... if you set quota and these permissions for that group you can ... Information Server (IIS) Web site, ...
    (microsoft.public.win2000.security)
  • RE: Any way to remove ADMIN$ only?
    ... Mixing the share permissions and the NTFS permissions generally cause ... which means more groups/people access the same shares. ... Along comes another admin that creates a share at a higher level in the ...
    (Focus-Microsoft)
  • Re: W2k and Front Page Security
    ... >> up now using subweb and setting permissions throgh ... >> with NTFS permissions contolling folders.When I set ... >FrontPage managed content areas you do really need to ... >authorship of every groupX subweb in addition ...
    (microsoft.public.win2000.security)
  • Re: Removing "File and Folder tasks"
    ... You can put the computers you want to enforce the NTFS permissions on into ... create a Group Policy to enforce the NTFS ... folder and user profile folders because if you incorrectly apply NTFS ...
    (microsoft.public.windowsxp.security_admin)