[THIN] Re: [OT] NTFS Share/File Security

• From: "Arthur Reyes" <ARTADMIN@xxxxxxxxxxxxx>
• To: <thin@xxxxxxxxxxxxx>
• Date: Wed, 18 Jan 2006 18:59:10 -0500

I'd also add that these are file servers only.  They are not
terminal servers, where someone other than a "Domain Admin" would
be able to TS into the server.


--- Original Message ---
From: "Arthur Reyes" <ARTADMIN@xxxxxxxxxxxxx>
To: thin@xxxxxxxxxxxxx
Subject: [THIN] [OT] NTFS Share/File Security

>I have a client that is in the process of adopting best practises
>for File sharing on their MS 2003 File Servers.  They have been
>informed that ACLs need to be set both on the Share and on the
>Folder itself.  ie.
>
>Share$ = ShareUsers:Full
>D:\Share = ShareUsers:Full
>
>For the life of me, I can't understand why anyone would do this.
> I've reviewed groups and share permissions, and I see no
>scenario where the more liberal share permission vs. the more
>restrictive NTFS permission would somehow grant a group of users
>more or less access than is intended.  Nor do I know of a
>vulnerability or exploit where one type of permission can be
>hacked while preserving the other kind of permission.  All I do
>see, is convoluted a security practise and administrative
>overhead, with no net gain.
>
>Age and experience has taught me that I can't possibly know
>everything, so I present to you, the illustrious masters this
>question.  Can anyone think of a reason
>(exploit/vulnerability/whatever) why you would set Share
>permissions and NTFS permissions when using one or the other
>would not result in more or less permissions than intended?
>
>I'm baffled.
>
>************************************************
>For Archives, RSS, to Unsubscribe, Subscribe or 
>set Digest or Vacation mode use the below link:
>//www.freelists.org/list/thin
>************************************************


************************************************
For Archives, RSS, to Unsubscribe, Subscribe or 
set Digest or Vacation mode use the below link:
//www.freelists.org/list/thin
************************************************

Other related posts:

• » [THIN] [OT] NTFS Share/File Security
• » [THIN] Re: [OT] NTFS Share/File Security
• » [THIN] Re: [OT] NTFS Share/File Security
• » [THIN] Re: [OT] NTFS Share/File Security
• » [THIN] Re: [OT] NTFS Share/File Security
• » [THIN] Re: [OT] NTFS Share/File Security

1. Home
2. thin
3. Archive
4. 01-2006

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---