Penetration Testing mailing list archives
Re: Win2k Permissions bug
From: Frank Heyne <fh () rcs urz tu-dresden de>
Date: Sat, 9 Jun 2001 20:41:49 +0200
On 8 Jun 2001, at 23:06, Parth Galen wrote:
The problem seems to manifest itself when using applications that create temp files. As many current software packages do create temp files the network security implications are obvious.
MS Office never was aware of NT permissions, it always assumed you run itself on Win9x. This is why you could not harden a NT machine according to MS recommendations and have a fully working installation of MS Office on it at the same time. To solve your problem, I see 2 ways: 1. Ask the vendors of application software for fixes for their broken software. The problem you report is NOT a problem of W2K, it is a problem of the application software! The software creates a new file, deletes the original file, and renames the new file to the old one. It should, of course, attach the old permissions to the new file. I don't see a way how the os should solve this application bug. 2. Put files with different permissions into different folders. This way is probably faster ;-) Frank Heyne
Current thread:
- Win2k Permissions bug Parth Galen (Jun 09)
- Re: Win2k Permissions bug Frank Heyne (Jun 09)
- <Possible follow-ups>
- Re: Win2k Permissions bug Parth Galen (Jun 11)