----------------------------------------------------------- SearchWin2000.com's Security Tip ----------------------------------------------------------- TODAY'S SECURITY TIP: Avoid inconsistent permissions ========================================================== SPONSORED BY: SurfControl ========================================================== SECURITY ALERT: This threat comes from inside your company. Confidentiality leaks and "inappropriate" jokes can cost your company millions. It doesn't stop there -- your unmanaged email system is left vulnerable to spam and spoof attacks -- even worse, virus attacks! Improve your email system efficiency, increase security and limit legal liability the easy way. Install SuperScout Email Filter -- Try it FREE for 30-days. DOWNLOAD now at: http://www.surfcontrol.com/offer/TTST0529 =========================================================== "Avoid inconsistent permissions" By Adesh Rampat You can develop some problems from assigning mixed permissions. Mixed or contradictory permissions occur when there is a mixture of share and file permissions with resources assigned to groups and users. When you don't properly assign permissions, or when there are contradictory permissions, Windows will use the most restrictive permission. If, for example, a user is a member of a group that has read-only access to a shared resource and is also a member of another group that has full control over the same shared resource, then read-only permission will apply since this is the more restrictive permission. Before assigning permissions to groups and users, you should properly plan and test the shared permissions to make sure they work properly. The last thing you want is a user who was given read access to sub folder also having the same access to a restricted folder! Another problem area is ownership. With NT file system (NTFS), if a user creates a folder or file, he/she automatically becomes the owner and is able to perform any changes necessary to the file or folder. So you should allow users to create sub folders only in their respective home directories. Periodically, however, you should investigate file/folder permissions created for users outside of the home directory and, if necessary, apply ownership to the administrator account. Why? If permissions for a new user need to be added to a shared folder, and the files in this folder are owned by another user, then the new user will not be granted permissions to use the folder. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Adesh Rampat is a member of the Association of Internet Professionals, the Institute for Network Professionals and the International Webmasters Association. He has also lectured extensively on a variety of topics. ======================================================== ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Discussion Forum Fever! Discuss your security issues in our Administrator Discussion Forum! It is a great place to pick up tips, share advice or post a question. Visit the forum today at http://searchwin2000.discussions.techtarget.com/WebX?50@@.ee83d68 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ======================================================== If you would like to sponsor this or any techtarget newsletter, please contact Gabrielle DeRussy at [EMAIL PROTECTED] ======================================================== If you no longer wish to receive this newsletter simply reply to this message with "REMOVE" in the subject line. Or, visit http://searchWin2000.techtarget.com/register and adjust your subscriptions accordingly. If you choose to unsubscribe using our automated processing, you must send the "REMOVE" request from the email account to which this newsletter was delivered. Please allow 24 hours for your "REMOVE" request to be processed.
