here's the comment area for today's blog post found at
http://www.zabkat.com/blog/16Aug09-file-sharing.htm
blog: file sharing
Moderators: fgagnon, nikos, Site Mods
There is a little mistake:
You say in the blog
Another point is the fact, that the simple sharing mode option does not exist in XP Home Edition. In Windows' safe mode only you can reach the security tab. But XP HE users can download FileSecPatch, which enables the security tab in the properties of files and folders in the normal mode. It works like a charm without any problems.
You say in the blog
Correct is: Everyone can read and write inside this branch, but (without admin pivileges) the user cannot alter or delete files, that have been created (= owned) by another user (regardless of the account type of the user, who created the file). This can even be seen with the second picture in the blog: Users can read and execute, but not write and modify.... C:\Documents and Settings\All Users\Documents folder where everyone on your computer has full access.
Another point is the fact, that the simple sharing mode option does not exist in XP Home Edition. In Windows' safe mode only you can reach the security tab. But XP HE users can download FileSecPatch, which enables the security tab in the properties of files and folders in the normal mode. It works like a charm without any problems.
that is not true, any user can delete and modify anybody else's stuff in "all users" shared folder. In fact in there the regular rules apply, so if you put a file and then change its security to effectively unshare it, then it will not be accessible by others
the "all users" folder just has some default attributes (that all files placed in it inherit them) which give a free for all access
the "all users" folder just has some default attributes (that all files placed in it inherit them) which give a free for all access
-
WimdeLange
- Gold Member
- Posts: 416
- Joined: 2004 Aug 16, 08:41
- Location: NL
Never, but never use file encryption. If you lose your password, your files are lost too. Forcing a change of your password? Then the files are not readable any more.
Better use things like TrueCrypt. Ok, if you loose your password of that, you are out of luck. But there are other reasons then loosing your password, for resetting a windows account which makes it impossible to read your files.
If I remember well I read this in these forums (and tested this behaviour too)
Better use things like TrueCrypt. Ok, if you loose your password of that, you are out of luck. But there are other reasons then loosing your password, for resetting a windows account which makes it impossible to read your files.
If I remember well I read this in these forums (and tested this behaviour too)
Groetjes,
Wim de Lange
Wim de Lange
Your own 2nd pic shoes the opposite: Users cannot write and modify, as easily to be seen. - The user nikos can, as long as he is the creator; but if you create another limited account you will find, that he cannot. This can be changed, but the blog is supposed to speak about default settings.nikos wrote:that is not true, any user can delete and modify anybody else's stuff in "all users" shared folder.
That is quite obvious. But if all users shall have the right to alter or delete any file inside the folder (regardless of it's creator - where is this user group in the pic BTW?) you have to tick the "modify"-field (the "write"-field gets a tick mark in this case automatically).nikos wrote:change its security to effectively unshare it, then it will not be accessible by others
You can find the default permissions in this MS article, read the table and description about Level 3:
Restricted Users can only read the files in the Shared Documents folder.
Wim,
in general I agree with you (inclusive TrueCrypt). But there might be a misunderstanding point: If the account owner himself changes his password, NTFS-encrypted files are still accessible; the same is true, if a password reset disk (exact English wording may differ) is used in case of a lost password. But if an admin deletes / modifies the password for the user's account, you are correct. BTW: in this case the user loses more, e.g. the stored passwords for network access.
in general I agree with you (inclusive TrueCrypt). But there might be a misunderstanding point: If the account owner himself changes his password, NTFS-encrypted files are still accessible; the same is true, if a password reset disk (exact English wording may differ) is used in case of a lost password. But if an admin deletes / modifies the password for the user's account, you are correct. BTW: in this case the user loses more, e.g. the stored passwords for network access.
Hm, which book?
SP3 - as said - does nothing different to SP2, that is:
USER have in the Common Documents folder the rights to read and execute, and a special permission (only for this folder and subfolder - that means not for files) to create new files and folders. You have to go into the advanced security settings to see (and alter) that.
Furthermore you should see the user group CREATOR/OWNER with the special permission only for subfolder and files with full access. (In the result this means, every user can do with the himself created object whatever he wants.)
About seeing is better than believing: Here I am with you. As far as I remember you have asked some month ago about visualization software and I and another member gave some tips about Virtual Box. In case you should have installed such a software (otherwise I recommend to do so) it is the most easy way for "seeing" to install XP there. 30 days should be enough to check this. You can even make a snapshot of the fresh installation, play with the settings and can go back to the original state by simply going back to the snapshot point.
P.S. If you have not yet used Virtual Box, I suggest to search for version 2.2.4. The actual V3-branch does not look stable to me until now.
SP3 - as said - does nothing different to SP2, that is:
USER have in the Common Documents folder the rights to read and execute, and a special permission (only for this folder and subfolder - that means not for files) to create new files and folders. You have to go into the advanced security settings to see (and alter) that.
Furthermore you should see the user group CREATOR/OWNER with the special permission only for subfolder and files with full access. (In the result this means, every user can do with the himself created object whatever he wants.)
About seeing is better than believing: Here I am with you. As far as I remember you have asked some month ago about visualization software and I and another member gave some tips about Virtual Box. In case you should have installed such a software (otherwise I recommend to do so) it is the most easy way for "seeing" to install XP there. 30 days should be enough to check this. You can even make a snapshot of the fresh installation, play with the settings and can go back to the original state by simply going back to the snapshot point.
P.S. If you have not yet used Virtual Box, I suggest to search for version 2.2.4. The actual V3-branch does not look stable to me until now.