Security Basics mailing list archives
Re: Share Permissions
From: ozzie ozzie <ozkan_aziz () hotmail com>
Date: 11 Jun 2003 14:33:33 -0000
In-Reply-To: <BAY7-DAV55gBDu9CEIe0004bd61 () hotmail com> Depending on how your OS has been setup, it may allow access to the file via anonymous logon (NULL session). It may be better to set it for a particular users, or config your local security sessions to prevent NULL sessions. hope that helps. oz
Received: (qmail 32687 invoked from network); 10 Jun 2003 15:12:30 -0000 Received: from outgoing2.securityfocus.com (205.206.231.26) by mail.securityfocus.com with SMTP; 10 Jun 2003 15:12:30 -0000 Received: from lists.securityfocus.com (lists.securityfocus.com
[205.206.231.19])
by outgoing2.securityfocus.com (Postfix) with QMQP
id E17AE8F283; Tue, 10 Jun 2003 09:12:58 -0600 (MDT)
Mailing-List: contact security-basics-help () securityfocus com; run by
ezmlm
Precedence: bulk List-Id: <security-basics.list-id.securityfocus.com> List-Post: <mailto:security-basics () securityfocus com> List-Help: <mailto:security-basics-help () securityfocus com> List-Unsubscribe: <mailto:security-basics-unsubscribe () securityfocus com> List-Subscribe: <mailto:security-basics-subscribe () securityfocus com> Delivered-To: mailing list security-basics () securityfocus com Delivered-To: moderator for security-basics () securityfocus com Received: (qmail 6072 invoked by uid 0); 10 Jun 2003 04:18:31 -0000 X-Originating-IP: [213.8.110.116] X-Originating-Email: [rlanguy () hotmail com] From: "Lan Guy" <rlanguy () hotmail com> To: <gillettdavid () fhda edu>, <ben () lanwest com au>, "'Security-Basics'" <security-basics () securityfocus com> References: <042401c32eb5$0ca36920$6e811299@gillett> Subject: Re: Share Permissions Date: Tue, 10 Jun 2003 09:20:02 +0300 X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.3790.0 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0 Message-ID: <BAY7-DAV55gBDu9CEIe0004bd61 () hotmail com> X-OriginalArrivalTime: 10 Jun 2003 06:20:17.0820 (UTC) FILETIME=
[5CBE45C0:01C32F18]
MS could rename the EVERYONE account to ANYONE to make it more clear. DR ----- Original Message ----- From: "David Gillett" <gillettdavid () fhda edu> To: <ben () lanwest com au>; "'Security-Basics'" <security-basics () securityfocus com> Sent: Monday, June 09, 2003 9:29 PM Subject: RE: Share Permissions-----Original Message----- From: Benjamin Meade [mailto:ben () lanwest com au] Just wondering in Win2K server, when I share a folder, I set the
share
permissions to full access for everybody, and then control access
using
the file permissions. (Basically cos it cuts down on administration,
and
I'm lazy.) Are there any security issues running this way, or is it
much
of a muchness?First of all, I presume that by "file" permissions, you mean "NTFS permissions" -- which, of course, presumes that you're *using* NTFS. If all that's true, then you're probably okay. The remaining risk is that you may make shares visible and even mountable (even if all other access is denied) to people whom you might prefer not even know they exist. David Gillett -----------------------------------------------------------------------
---
-Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top
analysts!
The Gartner Group just put Neoteris in the top of its Magic Quadrant, while InStat has confirmed Neoteris as the leader in marketshare. Find out why, and see how you can get plug-n-play secure remote access
in
about an hour, with no client, server changes, or ongoing maintenance. Visit us at: http://www.neoteris.com/promos/sf-6-9.htm -----------------------------------------------------------------------
---
---------------------------------------------------------------------------
--
Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts!
The Gartner Group just put Neoteris in the top of its Magic Quadrant,
while InStat has confirmed Neoteris as the leader in marketshare.
Find out why, and see how you can get plug-n-play secure remote access in
about an hour, with no client, server changes, or ongoing maintenance.
Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
-------------------------------------------------------------------------
---
---------------------------------------------------------------------------
Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts!
The Gartner Group just put Neoteris in the top of its Magic Quadrant,
while InStat has confirmed Neoteris as the leader in marketshare.
Find out why, and see how you can get plug-n-play secure remote access in
about an hour, with no client, server changes, or ongoing maintenance.
Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
----------------------------------------------------------------------------
Current thread:
- Share Permissions Benjamin Meade (Jun 09)
- RE: Share Permissions David Gillett (Jun 09)
- Re: Share Permissions Lan Guy (Jun 10)
- Re: Share Permissions Harish Gondavale (Jun 11)
- RE: Share Permissions Benjamin Meade (Jun 11)
- Re: Share Permissions Lan Guy (Jun 10)
- RE: Share Permissions David Gillett (Jun 09)
- RE: Share Permissions Manuel Fernandes (Jun 09)
- Re: Share Permissions Roger A. Grimes (Jun 09)
- <Possible follow-ups>
- RE: Share Permissions Jennifer Fountain (Jun 09)
- RE: Share Permissions Chris Berry (Jun 10)
- RE: Share Permissions Chris Berry (Jun 10)
- Re: Share Permissions ozzie ozzie (Jun 11)
- Re: Share Permissions Marco Araujo (Jun 13)