[THIN] Re: System Folder Permissions

• From: "Rick Mack" <Rick.Mack@xxxxxxxxxxxxxx>
• To: <thin@xxxxxxxxxxxxx>
• Date: Sat, 1 Jan 2005 09:51:51 +1000

Hi Andrew,
 
2003 is actually quite secure provided you didn't select the NT 4 compatibility 
mode (relaxed security). This adds users to the terminal server users group, 
which has full access, as you've found, to critical file and registry areas.
 
Of course if you select full security you'll have a bit of work either 
deprotecting some file/registry areas selectively for particular applications, 
or on the registry side, using per-user file asociations. But it's worth it for 
a secure system.
 
If you have any specific questions, I'll try and help.
 
regards,
 
Rick
 
Ulrich Mack
Volante Systems
 
 

________________________________

From: thin-bounce@xxxxxxxxxxxxx on behalf of Dogers
Sent: Fri 31/12/2004 10:19 PM
To: Thin List
Subject: [THIN] System Folder Permissions



Having just wiped off a couple of games off our Citrix server, I've
gone about looking why they got on - It seems 2003 gives CREATOR OWNER
full perms and TERMINAL SERVER USERS r/w on Program Files..

Can these two be safely removed? (FileMon on standby!!)

Also, is there a tool which will let me search/dump file owners?

Andrew
********************************************************
This Weeks Sponsor SeamlessPlanet.com Domain Names
Register your .com domain name for as low as $7.85
One of the lowest prices on the web! Part of The Kenzig Group.
http://www.seamlessplanet.com
**********************************************************
Useful Thin Client Computing Links are available at:
http://thin.net/links.cfm
ThinWiki community - Awesome SBC Search Capabilities!
http://www.thinwiki.com
***********************************************************
For Archives, to Unsubscribe, Subscribe or
set Digest or Vacation mode use the below link:
http://thin.net/citrixlist.cfm



#####################################################################################
This e-mail, including all attachments, may be confidential or privileged.  
Confidentiality or privilege is not waived or lost because this e-mail has been 
sent to you in error.  If you are not the intended recipient any use, 
disclosure or copying of this e-mail is prohibited.  If you have received it in 
error please notify the sender immediately by reply e-mail and destroy all 
copies of this e-mail and any attachments.  All liability for direct and 
indirect loss arising from this e-mail and any attachments is hereby disclaimed 
to the extent permitted by law.
#####################################################################################

• » [THIN] Re: System Folder Permissions
• » [THIN] Re: System Folder Permissions
• » [THIN] System Folder Permissions
• » [THIN] Re: System Folder Permissions

• » Related posts
• » Previous by Date
• » Next by Date
• » This Month's Archive
• » Main Archive Page

• » View list details
• » Manage your subscription