Remove Ability To "Save As" and See PC Contents

[kpschroeder]

I am nearing completion of an XP image and have one last security flaw
to fix.

We use a telnet program called Hummingbird which will allow a user to
save a screen to file. If the choose this option it directs them strait
to "My Documents" and from there the whole PC is wide open.

I've done an exhaustive search on GPO with no resolution and I know
there is a way to remove the ability to see the "My Documents" and
"My Computer" folders and icons when the "Save As" feature of
any program is invoked.

Any one have any ideas on how to stop users from seeing the contents of
the PC when the "Save As" feature is used?

 

[Guest]

I've used this in the past. Unregister mydocs.dll.

Start, Run, regsvr32 /u mydocs.dll.

To re-enable it - Start, Run, regsvr32 mydocs.dll.

 

[kpschroeder]

I tried this but can still browse the contents of My Documents and My
Computer. What does the unregister do? How does it alter the behavoir
of the PC?

 

[Guest]

The unregister should get rid of the My Documents functionality.

Another thing you can try is redirecting the folder to somewhere else, or
setting permissions on the folder to only allow a specific user access to it.
If only UserA has access to My Docs, and UserB try's to access it, they will
get denied.