File System Permissions

B

barb

I removed the group Everyone from my system drive(c:\) I
added authenticated users and gave them (read, write,
execute) Is this best practice?
 
S

Steven L Umbach

Generally that is a good idea. In some cases legacy software or
older/downlevel clients such as Windows NT4.0 may need access to the
everyone group, at least in certain circumstances. I would suggest not
messing with folder permissions for the \winnt folder structure that already
have restricted access for everyone/users. You may restrict individual
executables in the system32 folder such as ping, arp, attrib, if need be.
The main problem with the everyone group is that on the drive/root folder it
had full control which has been changed in XP and Windows 2003. If you do
not want users to add folfer/files to the root folder you may want to leave
them with read/list/execute permissions there. Removing the everyone group
and replacing with authenticated users will deny guest access which usually
is considered desirable anyhow. See link below for more info. --- Steve

http://support.microsoft.com/default.aspx?scid=kb;EN-US;327522
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

System Drive 2
Question about share permissions 1
NTFS Permissions - Sub-Folders 4
Best Practice File System Permissions 1
NTFS & Share permissions 3
MS05-51 Patch, and SystemDrive NTFS permissions 2
Deny users the right to delete folders/subfolders 2
Apply Group Policy to NTFS File System 12

Top