RE: NTFS Permissions (was Share Permissions)

[Andy Streule <andy.streule () lythamhigh lancs sch uk>]

surely this means you could end up with tonnes of shares, to facilitate
different permissions to different users/groups/folders. And mapping them
all to different ppl would be a nightmare. 
You wouldnt be able to just map the folder for everyone and then let ntfs
permissions determine who can see what. 

Perhaps this isnt an issue in your organisation, but it's certainly
limiting. 
I'm sure normal users should only have change permissions instead of "full
control" but i cant remember the difference.

~Andy

> -----Original Message-----
> From: sharon_joyner () timeinc com [mailto:sharon_joyner () timeinc com]
> Sent: 24 June 2003 21:04
> To: security-basics () securityfocus com
> Subject: RE: NTFS Permissions (was Share Permissions)
>
>
> This is interesting because our system (NT 4.0) has been set 
> up exactly
> opposite this - ntfs permissions allow full control access to everyone
> and share permissions are used to allow/restrict access to the share.
> This seems to work pretty well, but are there hidden pitfalls?  
>
> I inherited this system and questioned the apparent inconsistency, but
> was told that it was what MS recommends.  My own research couldn't
> confirm/deny this and I hadn't seen any issues raised anywhere until
> now.

---------------------------------------------------------------------------
Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts!
The Gartner Group just put Neoteris in the top of its Magic Quadrant,
while InStat has confirmed Neoteris as the leader in marketshare.
     
Find out why, and see how you can get plug-n-play secure remote access in
about an hour, with no client, server changes, or ongoing maintenance.
          
Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
----------------------------------------------------------------------------