Re: Workstation C: security settings

From: Steven L Umbach (sumbach_at_nospam-ameritech.net)
Date: 02/27/04 

Date: Fri, 27 Feb 2004 17:40:03 GMT

If you are talking Software Restriction Policies, you can use Group Policy
to manage with the help of an XP Pro domain member as described in the KB
below. --- Steve

http://support.microsoft.com/default.aspx?scid=kb;en-us;307900

"Dave" <dave@dave.com> wrote in message
news:u2gn7JV$DHA.3400@tk2msftngp13.phx.gbl...
> Steve, I looked at the article that you gave a link to.
>
> Is there a setting under domain Group Policies that does the same?
>
> I'll look more into it and see what I can find.
>
> Thanks!!!
>
>
> "Steven L Umbach" <n9rou@nospam-comcast.net> wrote in message
> news:I0z%b.420807$na.810061@attbi_s04...
> > Not necessarily. It is much more locked down than W2K which gave the
> everyone group
> > too many permissions to the root folder. If you do not want regular
users
> to add
> > folders and files to the root folder/subfolders then just give them
> read/list/execute
> > permissions. Keep in mind they still can write folder/files to their
user
> profile -
> > my documents, etc. If you want to further lock down the computer/users
> look into
> > using Software Restriction Policies in XP Pro. --- Steve
> >
> > http://support.microsoft.com/?kbid=310791
> >
> > "Dave" <dave@dave.com> wrote in message
> news:uvCTHXK$DHA.1036@TK2MSFTNGP10.phx.gbl...
> > > Hi,
> > >
> > > We have a win2k domain with winXP workstations. The security settings
> on
> > > the winXP C: are as follows.
> > >
> > > Administrator - Full Control: This folder, subfolders and files
> > > CREATOR OWNER - Full Control: Subfolders and files only
> > > Everyone - Read & Execute: This folder only
> > > SYSTEM - Full Control: This folder, subfolders and files
> > > Users - Read & Execute: This folder, subfolders and files
> > > Users - Create Folders / Append Data: This folder and subfolders
> > > Users - Create Files / Write Data: Subfolders only
> > >
> > > I find that this allows the user to use pretty much all of the C drive
> to
> > > write data to, including installing programs(not in Program Files).
Is
> this
> > > a security risk? If yes, what recommendations can I follow to tighten
> up
> > > the security?
> > >
> > > Thanks!!!
> > > Dave
> > >
> > >
> >
> >
>
>

Relevant Pages

  • Re: Workstation C: security settings
    ... If you are talking Software Restriction Policies, you can use Group Policy ... to manage with the help of an XP Pro domain member as described in the KB ... > Steve, I looked at the article that you gave a link to. ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Workstation C: security settings
    ... If you are talking Software Restriction Policies, you can use Group Policy ... to manage with the help of an XP Pro domain member as described in the KB ... > Steve, I looked at the article that you gave a link to. ...
    (microsoft.public.win2000.security)
  • Re: Restrict Users from Installing programs
    ... Except unless there has been some update I am not aware of SRP ... --- Steve ... > Software restriction policies could be made to work for these. ... >> Hotbar! ...
    (microsoft.public.win2000.networking)