System Account

From: MC (anonymous_at_discussions.microsoft.com)
Date: 05/27/04


Date: Wed, 26 May 2004 20:21:55 -0700

I have a Windows 2003 domain with all Windows 2000 Pro spk
4 workstations. I am in an educational system so I have
two main security groups, students and teachers. Both of
those domain security groups are part of the local users
group on the workstations. I have really tried to lock
down the workstations with group policy and NTFS
Permissions. Here is the problem. The local users group
has read only perms on the c:\ and also read only on Winnt
and program files. The System account has full control to
the entire drive. Users browse the internet and they
still have the ability (of which I don't know how) to
install such garbage as the google search bar or n-case or
other annoying "spyware" and "ad ware". I don't
understand how this stuff is getting installed or better
yet how it is able to be installed as a user account with
no rights to write to c:\, C:\winnt and c:\program files.
Through a GPO they also don't have the ability to edit the
registry yet all these things are able to be done. So my
question is, could these "spyware" be using the system
account? How safe is it to take the system account out of
the NTFS Permissions? How do these "spyware" get
installed? Any ideas I would really love to hear them,
thanks.

MC


