Bugtraq mailing list archives
Re: Nearly undocumented NT security feature - the solution to executable attachments?
From: Vanja Hrustic <vanja () pobox com>
Date: Fri, 10 May 2002 03:41:50 +0700
On Tue, 07 May 2002 22:28:33 +0200 "KJK::Hyperion" <noog () libero it> wrote:
MYTH: Windows NT users cannot defend from e-mail borne malware, because unlike in Unix all files in Windows NT are executable, and the only protection against this is antivirus software (read on Usenet) FACT: all files, in Windows NT, are merely executable *by default*. In fact not only execution of files can be restricted on a per-file basis, but it can be restricted more efficiently than on Unix, and using only features of the operating system
Yeah, right. Something I *really* want to find out (and is not intended to be a flame), is: Is it possible to have an NTFS partition under Windows 2000 (or XP, if that matters) 'mounted' in the same way as UNIX partition is mounted with 'noexec' option? For example, if I wish that nothing can be executed on D: disk (for example, which is not a disk where Win2000 resides, in my case), what would I have to do? I am very well aware that 'noexec' doesn't help much (at least on Linux) if someone wants to execute a binary. That's not what I am interested in, anyway. I would like to know how I can prevent 'accidental' execution of binaries in Windows 2000/XP, on a partition level, not on a 'directory level' (with ACLs). Thanks in advance. Vanja
Current thread:
- Nearly undocumented NT security feature - the solution to executable attachments? KJK::Hyperion (May 08)
- Re: Nearly undocumented NT security feature - the solution to executable attachments? Keary Suska (May 10)
- Re: Nearly undocumented NT security feature - the solution to executable attachments? Vanja Hrustic (May 10)
- Re: Nearly undocumented NT security feature - the solution to executable attachments? 3APA3A (May 10)