Security Basics mailing list archives
FW: Win NT Permission question ?
From: "David Schenz" <schenz.9 () dps ohio-state edu>
Date: Mon, 13 Sep 2004 21:33:43 -0400
YMMV. The dangers of a misconfiguration are significantly higher in my book if you utilize both share level and ntfs. Share level permissions offer very little protection ultimately. They lack granular control, flexibility, and provide no controls for interactive user logons, http logons, ftp logons, etc. In particular, they also lack auditing controls. Share level permissions can leave you with a false sense of security and when intersected with NTFS greatly increase complexity to determine the effective permissions. Defense in depth can be better achieved by auditing file access and using win2k3's effective permission tools or by checking them yourself. David -----Original Message----- From: Roger A. Grimes [mailto:roger () banneretcs com] Sent: Monday, September 13, 2004 9:19 PM To: David Schenz; Prasanna M; yfs_168us () yahoo com; security-basics () securityfocus com Subject: RE: Win NT Permission question ? That's old school bad advice. Permissions should be set as restricted as they can be on both the NTFS and Share level. Defense-in-depth. If you goof up on one (and we all goof up one time or another) the other might save you. Roger ************************************************************************ *** *Roger A. Grimes, Banneret Computer Security, Computer Security Consultant *CPA, CISSP, MCSE: Security (NT/2000/2003/MVP), CNE (3/4), A+ *email: roger () banneretcs com *cell: 757-615-3355 *Author of Malicious Mobile Code: Virus Protection for Windows by O'Reilly *http://www.oreilly.com/catalog/malmobcode *Author of upcoming Honeypots for Windows (Apress) ************************************************************************ **** -----Original Message----- From: David Schenz [mailto:schenz.9 () dps ohio-state edu] Subject: RE: Win NT Permission question ? I also emphasize giving everyone Full control for share level permissions otherwise the permissions get _very_ hairy. Good luck David -----Original Message----- From: Prasanna M [mailto:PrasannaM () catsglobal co in] Sent: Friday, September 10, 2004 3:46 AM To: 'yfs us '; 'security-basics () securityfocus com ' Subject: RE: Win NT Permission question ? user1 & user2 are they admins? or normal users? your file would be safe only if users 1&2 dont know how to tinker with win nt much. if they do kno their way around win nt, then ur data isnt safe. basically if someone has ownership access to the parent folder, then they can definitely access the subfolders, no matter wat permissions you set. hth, Prasanna -----Original Message----- From: yfs us To: security-basics () securityfocus com Sent: 9/9/2004 6:16 AM Subject: Win NT Permission question ? Hi All, Just want to check with u guys here how does these Win NT Permission works.My admin had setup a directory with the following permission :- C:\detail\ was own by user1 and had Full Control (All) (All) user2 had Full Control (All) (All) user3 had Full Control (All) (All) C:\detail\data\ was own by user2 and had Full Control (All) (All) user1 had no access user3 had add & read (rwx) (rwx) C:\detail\data\info\ was own by user3 and had Full Control (All) (All) user1 had no access user2 had no access I'm user3 and I just want to know can user1 & user2 delete my file ? Can user2 delete the info folder ? If I create a folder in info directory eg. C:\detail\data\info\secret , so can user1 & user2 delete it and also the file inside the secret folder ? I'm not a admin and my admin sucks ? If I want to secure my info folder what permission should be given to user2 & user1 ? All help r welcome. Cheers __________________________________ Do you Yahoo!? New and Improved Yahoo! Mail - 100MB free storage! http://promotions.yahoo.com/new_mail ------------------------------------------------------------------------ --- Computer Forensics Training at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse so that it never happens again. http://www.infosecinstitute.com/courses/computer_forensics_training.html ------------------------------------------------------------------------ ---- ------------------------------------------------------------------------ --- Computer Forensics Training at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse so that it never happens again. http://www.infosecinstitute.com/courses/computer_forensics_training.html ------------------------------------------------------------------------ ---- ------------------------------------------------------------------------ --- Computer Forensics Training at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse so that it never happens again. http://www.infosecinstitute.com/courses/computer_forensics_training.html ------------------------------------------------------------------------ ---- --------------------------------------------------------------------------- Computer Forensics Training at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse so that it never happens again. http://www.infosecinstitute.com/courses/computer_forensics_training.html ----------------------------------------------------------------------------
Current thread:
- Win NT Permission question ? yfs us (Sep 09)
- <Possible follow-ups>
- RE: Win NT Permission question ? Prasanna M (Sep 10)
- Re: Win NT Permission question ? Ansgar -59cobalt- Wiechers (Sep 13)
- RE: Win NT Permission question ? Roger A. Grimes (Sep 12)
- RE: Win NT Permission question ? David Schenz (Sep 13)
- FW: Win NT Permission question ? David Schenz (Sep 15)
- RE: Win NT Permission question ? Roger A. Grimes (Sep 15)
- Re: Win NT Permission question ? yfs us (Sep 15)
- RE: Win NT Permission question ? Robert McIntyre (Sep 17)
- RE: Win NT Permission question ? Prasanna M (Sep 17)