JSI Tip 5894. The default permission on the Windows 2000 system drive root allow for a Trojan Horse attack?
Jerold Schulman
November 3, 2002
1 Min Read
Windows 2000 default permissions on the root of the system drive are too loose. An attacker can place a Trojan Horse program on the root of the drive, which might be invoked, instead of a well known program, during logon.
Windows XP has closed the security gap by changing the default permissions onthe root of the system drive to:
Administrators: Full (This Folder, Subfolders, and Files)
Creators Owners: Full (Subfolders and Files)
System: Full (This Folder, Subfolders, and Files)
Everyone: Read and Execute (This Folder Only)
Since the above permissions have been extensively tested, I would would set the Windows 2000 system drive root to these permissions.
About the Author
Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.
You May Also Like