July 30th, 2002, 04:16 AM
Does anyone has any idea how can i secure my box? ? ? ?
does anyone knows how to block other users that don have the administrators access in a Win XP Pro to view other users folders and open files of other users ? ?
Because today in 1 of my computers i have several users and each and every one has a password, the problem is that a open a CMD and y saw
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.
C:\Documents and Settings\user1>
and after that i typed
C:\Documents and Settings\user1>cd..
C:\Documents and Settings\
after that i typed dir and all the user names were displayed and i typed cd and the user name and dir again and it showed me some directoris and i could open files that were in other users settings even the administrator account and i opened some zip files and some text files
How can i prevent that from hapening ? ? ? ? ? ?
July 30th, 2002, 05:02 AM
were you logged in as admin when you opened cmd?
search google for securing xp and it will give you a much more detailed list of things to do...i dont have the energy to go through all of it. good luck.
July 30th, 2002, 05:04 AM
no i was logged in as User1 one of the other users i made.
July 30th, 2002, 06:18 AM
Is the disk formated in NTFS?
If so, was it formated in NTFS when the accounts were created?
Credit travels up, blame travels down -- The Boss
July 30th, 2002, 06:41 AM
July 30th, 2002, 07:23 AM
You saw the names (that appears to be normal), but you did not say that you could access their folders and see what is in them. That is where the security should be. Windows does not hide the folder names but should not let you access their folders, or others you have not given that user access to.
July 30th, 2002, 07:24 AM
You have to go in and make the users' directories private. The only problem is, I don't remember how. There's a button somewhere which will automatically do it for you, but it's been a while since I re-did my XP machine, so I'm not sure where it is. Worst case scenario, you can log in as Administrator, and go to the Documents and Settings folder and restrict access of each folder to that specific user and the administrator's group. That'll give you what you need, though it'll take a little while to do if you have a lot of users.
July 30th, 2002, 07:45 AM
If I recall correctly, it is in the administrative tools ---> security settings. Hope this helps
It isn't paranoia when you KNOW they're out to get you...
July 30th, 2002, 07:53 AM
If its an NTFS directory, you can right click on the folder from mycomputer and then access the security tag.
Its quite likley that the whole disk has the 'everyone' security set, and each subfolder is getting permissions from its parent.
you should look at the root drive (d: or c and remove the everyone field (perhaps setting it to a minimum of authenticated users) remove.
On the user directory, remove inheritable permissions and set for only the user (and perhaps admin) to have rights
July 30th, 2002, 08:17 AM
in response to flipflop. in cmd i saw the directories and i was able to see the content and open the files, (ex. txt, zip)