Default settings for share permissions - Everyone Group

Networking/Security Forums -> Exploits // System Weaknesses

Author: oliviamcnish PostPosted: Fri Dec 18, 2009 6:21 pm    Post subject: Default settings for share permissions - Everyone Group
    ----
In the past the Everyone group was a default setting for Windows servers. I know it was changed to eliminate the anonymous access but I still see contradictory statements from Microsoft as to whether the Everyone group is the default setting to read shares for Windows servers. Can anyone help clear this up for me?

Thanks!

Author: AdamVLocation: Leeds, UK PostPosted: Fri Dec 18, 2009 7:37 pm    Post subject:
    ----
The change is that the everyone group no longer includes anonymous access, so old-school bods like me still use auth users out of habit even though everyone is now (relatively) neutered.
Current advice is probably that everyone on a share is OK as long as your NTFS is sensible (ie not wide open)

I think this was from around XP sp1 and 2003 RTM, but hopefully someone else can check this detail.

Author: oliviamcnish PostPosted: Sat Dec 19, 2009 7:22 am    Post subject: Group= Everyone
    ----
Thanks. That was what I was reading as well. It appeared to me to still be default read for any authenticated user.

We were unlucky to find a number of servers where they had not taken this default read away that contained some PII data and other super secret stuff. But, it was okay. Only 28k users had access and it's only been out there for a couple of years. I'm sure no one saw a thing. Rolling Eyes



Networking/Security Forums -> Exploits // System Weaknesses


output generated using printer-friendly topic mod, All times are GMT + 2 Hours

Page 1 of 1

Powered by phpBB 2.0.x © 2001 phpBB Group