Re: Security hole?

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

From: Mike Walsh (englantilainen_at_hotmail.com)
Date: 07/17/04

• Next message: Mike Walsh: "Re: Passing data from custom lists"
• Previous message: Mike Walsh: "Re: Slow Loading of WSS Sites via the Internet"
• In reply to: Vad Adler: "Security hole?"
• Next in thread: david mckenzie: "Re: Security hole?"
• Reply: david mckenzie: "Re: Security hole?"
• Messages sorted by: [ date ] [ thread ]

---

Date: Sat, 17 Jul 2004 10:50:30 +0300

No you are not missing anything.

It is standard for Administrators to see everything in a restricted access
document library. In fact designers (whatever the second level of standard
authorization is) can see everything too. You will notice that only Readers
and Contributors are listed specifically when you amend the access rights to
a Doc Lib - thus only they can be removed. The two default roles above that
still can access.

Mike Walsh, Helsinki, Finland
WSS FAQ at wss.collutions.com
Please post questions to the newsgroup only.

"Vad Adler" <VadAdler@discussions.microsoft.com> wrote in message
news:DE9E4AAC-32EE-4DBB-BFA9-F8BA6D0DCB36@microsoft.com...
> Hello,
>
> I have created a subweb (document workspace) with unique permissions to be
able to manage users separately from the parent Web site. When a user is not
added to the site he does not even see this workspace in the list of all
configured sites and workspaces. However, if this particular user belongs
to Administrators user group on the machine which runs WSS the site becomes
visible to him and he has full control over the site. This fact does not
seem right to me. Any ideas?
>
> I have dropped BUILTIN\Administrators login from the instance of MSDE. I
also removed that login from sysadmin server role.
>
> Am I missing anything?
>
> Thanks,
> vad...
>

---

• Next message: Mike Walsh: "Re: Passing data from custom lists"
• Previous message: Mike Walsh: "Re: Slow Loading of WSS Sites via the Internet"
• In reply to: Vad Adler: "Security hole?"
• Next in thread: david mckenzie: "Re: Security hole?"
• Reply: david mckenzie: "Re: Security hole?"
• Messages sorted by: [ date ] [ thread ]

---

Relevant Pages Re: Need modern version of old technique to show missing values ... The above-mentioned R has the symbol "NA" to indicate missing values, ... distinguished from the usual IEEE754 floating point special values ... negative zero. ... seem determined to use an older standard this option is of course not ... (comp.lang.fortran) Re: How to store a 13 digit number in c ? ... and the standard specifies a minimum value for it that assures ... GCC has had 'long long' for the better part of a decade, ... doesn't make it a C99 compiler. ... Missing) ... (comp.lang.c) Re: Many GPS receivers are stolen every month ... On Feb 28, 4:54 pm, GSV Three Minds in a Can ... broken window and I'm missing a radio to prove it. ... standard size hole, eminently nickable. ... (sci.geo.satellite-nav) Re: FC5 Totem and DVD ... impossible to reproduce this kind of file as an appropriate plugin is ... What am I missing (and why it is not loaded as standard, ... Google for fedora faq. ... (Fedora) Re: IIS 4.0/NTFS/A.D. ... Intranet that has limited access through NFTS. ... >I'm probably the one missing something. ... >>administrators group. ... >>>IIS administration requires the local administrator. ... (microsoft.public.inetserver.iis.security)

---

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

www.tech-archive.net  > Archive  > SharePoint  > microsoft.public.sharepoint.windowsservices  > 2004-07