OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Jason Lopes (Jason_at_rga.com)
Date: Tue Oct 29 2002 - 10:58:30 CST

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    I believe that if you format the drive during OS installation the default
    is:

    Quote --
    WINNT is writeable by Power Users and
    Administrators, while normal users have only read and execute access.
    Similarly, on a Win2K server I just checked out, Server Operators and
    Administrators have write access, but again normal users can only read and
    execute.
    End Quote --

    but if you install the OS as a fat partition and convert it I believe
    Everyone gets full control across the board.

    Jason Lopes Systems Administrator (MCSE, MCP + I)
    Phone 212-946-4192 Fax 212-946-4010 jasonrga.com
    R/GA 350 West 39th Street New York, NY 10018 www.rga.com

    -----Original Message-----
    From: Paul Knibbs [mailto:pknibbs3t.co.uk]
    Sent: Tuesday, October 29, 2002 3:29 AM
    To: focus-mssecurityfocus.com
    Subject: WINNT security priviledge escalation attack

    Eric Howard said:

    >>Microsoft, in my opinion, has committed a grave mistake in
    the NTFS permission scheme for the WINNT directory. ANY user may create
    file in this directory, even AFTER the C2 security rollups are applied.<<

    I'm not sure what OS he's talking about, but I can attest that these are NOT
    the default permissions set on either Windows XP Professional or Windows
    2000 Server. On my XP Pro machine WINNT is writeable by Power Users and
    Administrators, while normal users have only read and execute access.
    Similarly, on a Win2K server I just checked out, Server Operators and
    Administrators have write access, but again normal users can only read and
    execute.

    Paul Knibbs
    Systems Administrator
    3T Productions Ltd
    T: 0161 492 1400 F: 0161 492 1401
    www.3t.co.uk

    Standard Disclaimer
    This message is confidential. You should not copy it or disclose its
    contents to anyone. You may use and apply the information only for the
    intended purpose. Internet communications are not secure and therefore 3T
    does not accept legal responsibility for the content of this message. Any
    views or opinions presented are only those of the author and not those of
    3T. If the e-mail has come to you in error please delete it and any
    attachments. Please note that 3T may intercept incoming and outgoing e-mail
    communications.