Summary of Printer Sharing and M1CR0S0FT Windows98

[paulle () MICROSOFT COM (Paul Leach)]

Here is a summary of all the info on the PRINTER$ share:

A. Win95 does the same thing.

B. The reason for the share is so that when other users on the LAN that
connect to your printer they can get the device drivers for it. It happens
automatically.

C. Yes, it would have been better to put the printer drivers in a special
directory for just that purpose and share it.

D. It isn't world readable. It's readable from the LAN but not by default
from the other side of a dial-up connection -- i.e. the Internet. (If you
want to check that you're OK, go to
ControlPanel\Network\Configuration\TCP-IP->DialupAdapter, select Properties,
Bindings tab, make sure that "File and Printer sharing for Microsoft
Networks" checkbox is unchecked.)

E. WIN.INI, registry, and PWL files are not accessible via this share. They
are in \windows, not \windows\system.

F. More broadly, Windows puts no sensitive files in that directory, and I
know of no application that puts anything in that directory (other than
perhaps redistributable OS DLLs and device drivers); 99% of what's in there
are system DLLs identical copies of which are available on 100 million or so
CDROMs. Most of the rest are drivers for 3rd party devices.

G. We have always been quite clear that Win95 and Win98 are not the systems
to use if you are in a hostile security environment. We recommend Windows NT
for those environments.

Paul