[THIN] Re: Darn Command Prompt - was Re: Restrict Drive Access

  • From: "Jeff Durbin" <techlists@xxxxxxxxxxxxx>
  • To: <thin@xxxxxxxxxxxxx>
  • Date: Wed, 25 Feb 2004 10:29:45 +1300

Yeah, that's why you have to have something like AppSec, or someone can
email themselves CMD.EXE from NT4 and get a command prompt. NT4's CMD.EXE
doesn't respect the registry setting because it didn't exist when NT4 was
written.

JD 

> -----Original Message-----
> From: thin-bounce@xxxxxxxxxxxxx 
> [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Euan Cooper
> Sent: Wednesday, 25 February 2004 9:44 a.m.
> To: 'thin@xxxxxxxxxxxxx'
> Subject: [THIN] Re: Darn Command Prompt - was Re: Restrict 
> Drive Access
> 
> Even more interesting! - Jeff you are quite right - NT4 
> version of CMD.EXE DOES let users get to a command prompt - 
> FWIW the W2k version of command.com also allows users access 
> to a commmand prompt.
> 
> 
> 
> 
> -----Original Message-----
> From: Jeff Durbin [mailto:techlists@xxxxxxxxxxxxx]
> Sent: Wednesday, 25 February 2004 8:42 a.m.
> To: thin@xxxxxxxxxxxxx
> Subject: [THIN] Re: Darn Command Prompt - was Re: Restrict 
> Drive Access
> 
> 
> Nope. Although, I can tell you that they're putting CMD.EXE 
> from NT 4 (I assume you're running Win2K) because Win2K's 
> CMD.EXE respects the registry setting and refuses to run. Add 
> AppSec to the mix and you're set.
> 
> JD  
> 
> > -----Original Message-----
> > From: thin-bounce@xxxxxxxxxxxxx
> > [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Seitz, Linden
> > Sent: Wednesday, 25 February 2004 8:33 a.m.
> > To: 'thin@xxxxxxxxxxxxx'
> > Subject: [THIN] Darn Command Prompt - was Re: Restrict Drive Access
> > 
> > I have the following registry key
> > (HKCU\Software\Policies\Microsoft\Windows\System\DisableCMD =
> > 2) set to "try" to disable a user's ability to open and run the 
> > command prompt.  The scenario I can't get past is if a user 
> places a 
> > copy of cmd.exe in their personal directory and run it from 
> a Citrix 
> > session.  The command prompt runs and the user is able to 
> circumvent 
> > my Hide Drives and Prevent Drive Access settings.  Is there 
> any way to 
> > avoid this from happening other than using Appsec or other add-ons?
> > 
> > -----Original Message-----
> > From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx]On
> > Behalf Of Jeff Durbin
> > Sent: Tuesday, February 24, 2004 12:27 PM
> > To: thin@xxxxxxxxxxxxx
> > Subject: [THIN] Re: Restrict Drive Access
> > 
> > 
> > Have used it at virtually every client that had Citrix or Terminal 
> > Services.
> > It does prevent access to drives, which can be a problem 
> for your app. 
> > I've never seen a major problem as a result of using it.
> > 
> > JD
> > 
> > > -----Original Message-----
> > > From: thin-bounce@xxxxxxxxxxxxx
> > > [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Seitz, Linden
> > > Sent: Wednesday, 25 February 2004 3:53 a.m.
> > > To: Thin@Freelists. Org (E-mail)
> > > Subject: [THIN] Restrict Drive Access
> > > 
> > > Anyone using the "Prevent access to drives in My Computer" 
> > in security
> > > policy or .adm files in addition to hiding the drives?  I
> > would like
> > > to know if this setting "could" cause any file access 
> problems if I 
> > > enable it on my OS and Application partitions.  Thanks!
> > > ********************************************************
> > > This weeks sponsor triCerat Inc.
> > > triCerat makes your job easier by offering essential
> > applications to
> > > eliminate your printing, policy and profile, and your application 
> > > management problems.
> > > http://www.triCerat.com
> > > **********************************************************
> > > Useful Thin Client Computing Links are available at:
> > > http://thin.net/links.cfm
> > > ***********************************************************
> > > For Archives, to Unsubscribe, Subscribe or set Digest or
> > Vacation mode
> > > use the below link:
> > > http://thin.net/citrixlist.cfm
> > > 
> > 
> > ********************************************************
> > This weeks sponsor triCerat Inc.
> > triCerat makes your job easier by offering essential 
> applications to 
> > eliminate your printing, policy and profile, and your application 
> > management problems.
> > http://www.triCerat.com
> > **********************************************************
> > Useful Thin Client Computing Links are available at:
> > http://thin.net/links.cfm
> > ***********************************************************
> > For Archives, to Unsubscribe, Subscribe or set Digest or 
> Vacation mode 
> > use the below link:
> > http://thin.net/citrixlist.cfm
> > ********************************************************
> > This weeks sponsor triCerat Inc.
> > triCerat makes your job easier by offering essential 
> applications to 
> > eliminate your printing, policy and profile, and your application 
> > management problems.
> > http://www.triCerat.com
> > **********************************************************
> > Useful Thin Client Computing Links are available at:
> > http://thin.net/links.cfm
> > ***********************************************************
> > For Archives, to Unsubscribe, Subscribe or set Digest or 
> Vacation mode 
> > use the below link:
> > http://thin.net/citrixlist.cfm
> > 
> 
> ********************************************************
> This weeks sponsor triCerat Inc.
> triCerat makes your job easier by offering essential 
> applications to eliminate your printing, policy and profile, 
> and your application management problems.
> http://www.triCerat.com
> **********************************************************
> Useful Thin Client Computing Links are available at:
> http://thin.net/links.cfm
> ***********************************************************
> For Archives, to Unsubscribe, Subscribe or set Digest or 
> Vacation mode use the below link:
> http://thin.net/citrixlist.cfm
> ********************************************************
> This weeks sponsor triCerat Inc.
> triCerat makes your job easier by offering essential 
> applications to eliminate your printing, policy and profile, 
> and your application management problems.
> http://www.triCerat.com
> **********************************************************
> Useful Thin Client Computing Links are available at:
> http://thin.net/links.cfm
> ***********************************************************
> For Archives, to Unsubscribe, Subscribe or set Digest or 
> Vacation mode use the below link:
> http://thin.net/citrixlist.cfm
> 

********************************************************
This weeks sponsor triCerat Inc.
triCerat makes your job easier by offering essential
applications to eliminate your printing, policy and profile,
and your application management problems.
http://www.triCerat.com 
**********************************************************
Useful Thin Client Computing Links are available at:
http://thin.net/links.cfm
***********************************************************
For Archives, to Unsubscribe, Subscribe or 
set Digest or Vacation mode use the below link:
http://thin.net/citrixlist.cfm

Other related posts: