Re: Why does Everyone have Full Control of everthing?
From: John Brock (jbrock_at_panix.com)
Date: 12/13/04
- Next message: brutalzombie: "Re: Blue band on left"
- Previous message: claghorn1p: "RE: Explorer Folders"
- In reply to: John Brock: "Why does Everyone have Full Control of everthing?"
- Messages sorted by: [ date ] [ thread ]
Date: 12 Dec 2004 20:43:44 -0500
Well, to wrap this up, I just used the Security Configuration And
Analysis snap-in to apply the Setup Security template to my machine,
and now my NTFS permissions look normal. It was easy to do, once
I got up my nerve, and I'm sure this is what IBM expected their
corporate users to do right out of the box. I'm still annoyed at
IBM, and I wish *I* had known about this when I first turned the
thing on. Perhaps I should have only applied the file permissions
part of the template; I'm a bit nervous about having reset the
registry to its original configuration *after* having applied SP2
(and various other patches) to the machine. Maybe I've set myself
up for subtle problems, but at least for now things look good.
In article <cou88q$t3r$1@panix1.panix.com>,
John Brock <jbrock@panix.com> wrote:
>I have been using my IBM ThinkCentre with Windows XP Professional
>for over a year now, using the personal account created at setup.
>That account belongs to the Administrators group of course, and
>recently I decided to create a Limited account, for security reasons.
>I started to poke around by enabling the Guest account, and was
>very startled to discover that it was not really very "limited" at
>all, and in fact could delete files from places where I did not
>think it should be able to, such as my Mozilla program directory.
>
>After studying Windows XP Inside Out for a while it became clear
>to me that the reason for this was that the Everyone group had Full
>Control of the C: drive, and by inheritance everything else (except
>my personal profile). I don't think this is right! But the book
>warned against tampering with permissions on the system drive, and
>directed me to Knowledge Base article Q244600, which has a long
>list of default NTFS permissions for Windows 2000.
>
>I am nervous about trying to reset all the folder permissions by
>hand though (especially with settings from Windows 2000), and even
>if I did who knows what else is amiss. Beyond that, I would really
>like to know what is going on. The book noted that Full Control
>by Everyone is what you get when you convert a partition to NTFS,
>but this was a new machine with XP SP1 preloaded.
>
>So basically I have two questions:
>
>1) Does anyone have any idea why my machine is this way?
>
>2) Is there anything I can do -- perhaps use some security template
>or something -- to restore the normal XP permissions.
-- John Brock jbrock@panix.com
- Next message: brutalzombie: "Re: Blue band on left"
- Previous message: claghorn1p: "RE: Explorer Folders"
- In reply to: John Brock: "Why does Everyone have Full Control of everthing?"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
