Re: IE5 allows executing programs

[jjohanss () BU EDU (Jesper M. Johansson)]

> > > The other
> > > thing is that the default install for NT (especially on HP's) is FAT,
> >
> > Wrong.  That could be how that manufacturer sets up _some_ of their
> > machines, but it isn't default for NT install.
>
> Micron and Intergraph also install NT on FAT when they ship it to you.

I can't think of many manufacturers that don't, and the majority of them
don't like it if you convert it. Gateway, for example, refuses completely to
support any aspect of NT running on NTFS on their systems. They even went so
far as to try to void the warranty on one system we bought from them because
it was running NTFS.

The problem with this area, and what makes so many systems vulnerable, is
that OEMs refuse to ship their systems with NTFS partitions. They won't do
it because it is too difficult for them to walk someone through a repair if
they can't get to the boot partition with a dos disk. Since most people
don't know the difference between NTFS and FAT (or a hole in the ground for
that matter) most partitions never get converted, leaving these systems open
to holes like this one. This is a big problem. Hopefully, the ER boot option
in Win2K will solve some of this, since it enables OEMs to easily walk
people through repairs.

> If I recall correctly (I've only installed NT five or six times), if
> you later convert to NTFS (without reinstalling), you carry over the
> FAT permissions: "Full Control" for "All Users" on everything.

FIXACLS.EXE (NTResKit Supplement 2) will fix that. See Q157963 for more
details.

> > Most people who don't know what NTFS is are still using it if they are
> > running NT.
>
> Are there manufacturers that ship NT with NTFS by default?

Only on servers AFAIK. Dell ships its workstations with a menu item for
"converting C to NTFS," which is just a shortcut to convert. That's the best
I've seen so far.

Jesper M. Johansson
jjohanss () bu edu
Editor, SANS NT Digest
MCSE , MCP + I