RE: share permissions

[Steve Anderson <steve.anderson () bipsolutions com>]

I'd recommend a basic share permission, along with a more restrictive NTFS permission. Allows you to keep the number of 
shares low. Like a single Users share, with each user having an NTFS restricted directory within it.



In addition:
Create a group for each directory that has its own share permissions. This allows for faster addition and subtraction 
(as you add the user to the group, rather than to the files' permissions), and avoids orphaned permissions, when you 
delete a user.

http://technet.microsoft.com/en-us/library/cc780313%28WS.10%29.aspx



Steve Anderson


-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of W W
Sent: 28 September 2010 16:20
To: security-basics () securityfocus com
Subject: share permissions

Are then any best practices for setting permissions on shared folders?
 We have a discussion on whether we should be setting the access on the share itself or controlling it more at the NTFS 
level.  I lean more to setting permissions on the share and at the NTFS level.
Thoughts?

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and 
who needs an SSL certificate.  We look at how SSL works, how it benefits your company and how your customers can tell 
if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your 
Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing 
management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------


______________________________________________
This email has been scanned by Netintelligence
http://www.netintelligence.com/email


BiP Solutions Limited is a company registered in Scotland with Company
Number SC086146 and VAT number 383030966 and having its registered
office at Medius, 60 Pacific Quay, Glasgow, G51 1DZ.

****************************************************************************
This e-mail (and any attachment) is intended only for the attention of
the addressee(s). Its unauthorised use, disclosure, storage or copying
is not permitted. If you are not the intended recipient, please destroy
all copies and inform the sender by return e-mail.
This e-mail (whether you are the sender or the recipient) may be
monitored, recorded and retained by BiP Solutions Ltd.
E-mail monitoring/ blocking software may be used, and e-mail content may
be read at any time.You have a responsibility to ensure laws are not
broken when composing or forwarding e-mails and their contents.
****************************************************************************

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------