JSI Tip 5894. The default permission on the Windows 2000 system drive root allow for a Trojan Horse attack?

Windows 2000 default permissions on the root of the system drive are too loose. An attacker can place a Trojan Horse program on the root of the drive, which might be invoked, instead of a well known program, during logon.

Windows XP has closed the security gap by changing the default permissions on the root of the system drive to:

Administrators: Full (This Folder, Subfolders, and Files)
Creators Owners: Full (Subfolders and Files)
System: Full (This Folder, Subfolders, and Files)
Everyone: Read and Execute (This Folder Only)

Since the above permissions have been extensively tested, I would would set the Windows 2000 system drive root to these permissions.



Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish