Homepage
Forum
Drivers
HMM
MTM
Feed
I have the administrator account on a WinXP Pro computer. I also have a private account on the computer, that also has administrator privilges. Another private account also has administrative privileges. (Unlike Win2k,AFAIK Win XP only has two kinds of accounts.)
I have created a folder on the machine that has its security settings set only to allow access to me. However, the folder is not really secure, because although other accounts cannot access the folder, they could access the properties of the folder, and even though they cannot initially change the permissions for the folder, they could access the ownership properties page for the folder, which shows that "Administrators"as well as I can take ownership of the folder. Then, by changing ownership of the folder from my account to "Administrators" , theycan then change the privileges to give "Administrators" full control. And, because their account is part of the "Administrators"group, they end up with access to the folder.
The obvious way to avoid this would be for me to delete "Administrators"as a possible owner of the group,but there doesn't seem to be a way to do this. I can't believe that such a big security hole can exist in XP. I can understand how you might want to have a back door so that the actual Administrator of the machine to unlock any folder, but any account with administrative privileges?
Anyone know if there is any way to prevent change of ownership of my folder and make it secure? BTW, both myself and the other account must have administrative privileges, for reasons I won't go into here. However, I repeat, that only I have access to the "Administrator"account.
How to have unchangeable ownership of WinXP folder?
How to have unchangeable ownership of WinXP folder?
560, 560x, T23, T61
OK I dug some more into security settings, but still can't lock the folder down tight.
I tried logging on as Administrator, goiing into Control Panel -> Administrative Tools -> Local Security Settings -> User Rights Assignments, and I changed the value for Take Ownership of Files or Other Objects from "Administrators" to "Administrator". Now, (after a reboot) the other person cannot, from their account, change the ownership of my private folder to "Administrators" and then proceed to unlock it.
BUT, the folder is still not secure, because, the other person can go into User Rights Assignment and change the permission for Take Ownership of FIles or Other Objects back to "Administrators" from "Administrator"!
I tried to defeat that attack by deleting "Administrators" as a user group. But the other user can still add their own account to the permissions for"Take Ownership of Files or Other Objects" (because, it appears, any user with administrative privilveges can alter the security settings). So my folder is still not secure (though the person who wants to get in will have to do some serious digging into Windows administration to open it up)
Am I missing something? Any ideas?
Thanks
Any ideas?
I tried logging on as Administrator, goiing into Control Panel -> Administrative Tools -> Local Security Settings -> User Rights Assignments, and I changed the value for Take Ownership of Files or Other Objects from "Administrators" to "Administrator". Now, (after a reboot) the other person cannot, from their account, change the ownership of my private folder to "Administrators" and then proceed to unlock it.
BUT, the folder is still not secure, because, the other person can go into User Rights Assignment and change the permission for Take Ownership of FIles or Other Objects back to "Administrators" from "Administrator"!
I tried to defeat that attack by deleting "Administrators" as a user group. But the other user can still add their own account to the permissions for"Take Ownership of Files or Other Objects" (because, it appears, any user with administrative privilveges can alter the security settings). So my folder is still not secure (though the person who wants to get in will have to do some serious digging into Windows administration to open it up)
Am I missing something? Any ideas?
Thanks
Any ideas?
560, 560x, T23, T61
-
- Similar Topics
- Replies
- Views
- Last post
-
-
x41 Pen driver for winxp
by D L Davis » Sun Jan 08, 2017 2:00 am » in ThinkPad X2/X3/X4x Series incl. X41 Tablet - 1 Replies
- 370 Views
-
Last post by rkawakami
Sun Jan 08, 2017 3:26 am
-
-
-
PC Doctor ThinkVantage Toolbox -- WinXp 32-bit
by SimonA » Fri Mar 24, 2017 4:37 am » in Windows OS (Versions prior to Windows 7) - 2 Replies
- 1068 Views
-
Last post by Haxoc112
Mon May 29, 2017 9:00 pm
-
-
-
Got a nice IPS x220t from ebay, realize I have Computrace woes now
by Digitalhorizons » Sun Jan 08, 2017 7:29 am » in ThinkPad X200/201/220 and X300/301 Series - 39 Replies
- 3854 Views
-
Last post by asgaard
Tue Jun 27, 2017 10:21 am
-
-
-
What LCD options do I have for a 15" T60p these days?
by jcitme » Tue Jan 17, 2017 3:50 am » in ThinkPad T6x Series - 15 Replies
- 2001 Views
-
Last post by Troels
Fri Feb 10, 2017 4:56 pm
-
Who is online
Users browsing this forum: No registered users and 4 guests