Re: What Would Deactivate Hosts File?
- From: "Will" <westes-usc@xxxxxxxxxxxxxx>
- Date: Sat, 6 Jan 2007 18:03:37 -0800
"CoolHandJoe" <joemagueta@xxxxxxxxx> wrote in message
news:1168116935.566612.216750@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
In my default install of Windows 2003 server the permissions on the
hosts file are
Administrators: Full Control
System: Full Control
Server Operaters: everything short of Full Control
Authenticated Users: Read & Excecute and Read
The file is owned by the administrators group.
Authenticated Users is more permissive than Users alone. Try to remove
Authenticated Users and Server Operators, reboot, and login as
administrator. HOSTS file functionality won't work.
To make it work again, add them back, reboot.
The mystery here isn't about Users versus Authenticated Users. The mystery
is why anything other than SYSTEM and Administrators would be required
against that file. I would like to understand in detail how Windows is
implementing the HOSTS file functionality. Apparently either some non
SYSTEM entity is reading that file, or alternately some of the code is
checking for permissions and refusing to work if the permissions are not set
the way it wants to see them.
--
Will
Will wrote:like
I solved this problem, and I'll post how for posterity, but I would be
interested in anyone's theories about why this works. It almost looks
anda bug or misfeature to me.
We had modified the default ACL on c:\windows\system32\drivers\etc to
exclude the Users group. If you give Users read and execute access,
asthen reboot (it will not work until you reboot), then hosts mysteriously
starts working. Note that before and after the reboot I am logged in
accesslocal administrator. And the folder always had Full Control access for
Administrators and SYSTEM, so it cannot be the case that giving Users
havesuddenly gave applications in my user context access, since they must
individualhad read access to HOSTS before the ACL change.
What surprises me about this is that I would have thought HOSTS was
implemented in the driver or somewhere in the kernel, not in each
theuser application. If that is the case, then why would read access to
ACLUsers group affect this feature, which should be implemented by a SYSTEM
entity? It's almost like the code that runs at SYSTEM level did an
justcheck, and after it saw that Users did not have access, it bypassed the
feature. That seems like wrong behavior.
Note that the local Users group did NOT have Authenticated Users in it,
everDomain Users.
--
Will
"Will" <westes-usc@xxxxxxxxxxxxxx> wrote in message
news:R6ydnZBeY6ceVQDYnZ2dnUVZ_oipnZ2d@xxxxxxxxxxxxxxx
On one of our Windows 2003 servers, the HOSTS file is not active. No
changes made to the c:\windows\system32\drivers\etc\hosts file are
groupactive, even after a reboot. Is there some registry setting or
policy that would be deactivating that feature?
--
Will
.
- References:
- What Would Deactivate Hosts File?
- From: Will
- Re: What Would Deactivate Hosts File?
- From: Will
- Re: What Would Deactivate Hosts File?
- From: CoolHandJoe
- What Would Deactivate Hosts File?
- Prev by Date: Re: What Would Deactivate Hosts File?
- Next by Date: Re: Multihomed DC's
- Previous by thread: Re: What Would Deactivate Hosts File?
- Next by thread: Redundant DHCP Configuration
- Index(es):
Relevant Pages
|
