Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

MS02-064 Root folder permissions

Status
Not open for further replies.
Sensibilium

Sensibilium

Programmer
Apr 6, 2000
310
GB
Apologies if this has been asked before, I tried a search but didn't find a thread about it, so here I am. :)

I'm just about to set my root folder (C:) security setting according to MS02-064 on my SBS2000 server machine, and these are the settings suggested by Microsoft:

Administrators: Full (This Folder, Subfolder and Files)
Creators Owners: Full (Subfolders and Files)
System: Full (This Folder, Subfolder and Files)
Everyone: Read and Execute (This Folder Only)

My question is this: Should I check the 'Reset permissions on all child objects' checkbox?

This is probably a newbie question, but I dunno, the last time I messed with the root folder permissions everything went loopy. [3eyes]

Thanks in advance.

(W00t! More emoticons! [2thumbsup]) Ahdkaw
Laptop Cauldrons run Thudex GUI
 
Sort by date Sort by votes
Thanks wbg34! Much appreciated

Could you/anyone explain the reason behind that? It seems that the 'Everyone' account has full access to every subfolder and file beneath the root folder. Will this be changed without the use of the 'reset permissions on all child objects' checkbox?

Permissions confuse me I'm afraid. :( Ahdkaw
 
Upvote 0 Downvote
If you check that box, then you are telling the computer that you want to change every file and folder on the C: drive to those permissions. In a default win2k install this can cause alot of problems for you. One example is that these permissions would allow any user that logs in to access everything under documents and settings including all of the administrators files. Leaving the box unchecked only changes the settings for the C:\ drive. I would recommend doing that and then getting a good book or guide (such as the NSA's guides for win2k) to hardening your server to help you determine what you want the remainder of your permissions should be.
 
Upvote 0 Downvote
Thanks for the explanation, it is a little clearer in my head now. =)

I have the Windows 2000 Server Bible, so I'll have a look through that and see if there is any info inside, if not, I'll have a look for these NSA guides you mention.

Thanks again! Ahdkaw
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

sburgess73
  • Locked
  • Question
MSIPCCache Folder
Replies
0
Views
236
sburgess73
sburgess73
tscstl
  • Locked
  • Question
access to local folder
Replies
1
Views
356
hairlessupportmonkey
hairlessupportmonkey
StevenFromSouth
  • Locked
  • Question
VPN Connects but cannot access remote network computers or folders
Replies
1
Views
316
StevenFromSouth
StevenFromSouth
Dave60608
  • Locked
  • Question
Accessing shared folders via a network
Replies
5
Views
627
strongm
strongm
juliog
  • Locked
  • Question
Unable to get Server 2019 GPO Redirected Folders to Work on Windows 7
Replies
1
Views
293
tacohunter
tacohunter

Part and Inventory Search

Sponsor

Back
Top