It is recommended that you make some changes. This security bulletin should help: MS02-064 -----Original Message----- From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Jason Benway Sent: Friday, February 11, 2005 9:01 AM To: 'thin@xxxxxxxxxxxxx' Subject: [THIN] Citrix security question I just installed Citrix XP onto a Windows 2000 SP4 server. I was looking at the ntfs file permissions and realized that the everyone group has full access to all the folders at the root. And the terminal server users has modify access to the program files folder. That just doesn't seem right. It seems like they could delete/overwrite any files they wanted or install any program that doesn't write to the registry. I've never looked at a fresh install before, I always assumed that since all my users are standard users, not power users or local admins, I'd be ok, but looking it this I'm not so sure. Do any of you change the default security settings? Thanks,jb ******************************************************** This Weeks Sponsor: ThinPrint, GmbH Now available: .print Remote Desktop Printing Engine for Microsoft Terminal Services http://www.thinprint.com/dotprint/index.php?s=682&lc=1 ********************************************************** Useful Thin Client Computing Links are available at: http://thin.net/links.cfm ThinWiki community - Excellent SBC Search Capabilities! http://www.thinwiki.com *********************************************************** For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link: http://thin.net/citrixlist.cfm NOTICE: This electronic mail transmission from the law firm of Dinsmore & Shohl may constitute an attorney-client communication that is privileged at law. It is not intended for transmission to, or receipt by, any unauthorized persons. If you have received this electronic mail transmission in error, please delete it from your system without copying it, and notify the sender by reply e-mail, so that our address record can be corrected. ******************************************************** This Weeks Sponsor: ThinPrint, GmbH Now available: .print Remote Desktop Printing Engine for Microsoft Terminal Services http://www.thinprint.com/dotprint/index.php?sh2&lc=1 ********************************************************** Useful Thin Client Computing Links are available at: http://thin.net/links.cfm ThinWiki community - Excellent SBC Search Capabilities! http://www.thinwiki.com *********************************************************** For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link: http://thin.net/citrixlist.cfm