
Re: Office 10 applications & flashdrives can be used to browse restricted drives



Discini, Sonny wrote:

SYMPTOMS
After you establish a group policy to restrict access to a drive by
selecting the Hide these specified drives in My Computer and Prevent
access to drives from My Computer options, you can use a Microsoft
Office program to browse and read the contents of the drive.

I just hope it won't disappoint you in some way, but using a policy setting that would advise Windows Explorer to hide drives from users does not necessarily mean users can't access the underlying devices anymore.


The setting you used to prevent access is not a security feature but rather a convenience setting. It will always be possible to go to the command shell and view the drives from there. Or to use any third-party file manager (or even the file manager out of Windows NT 4) to bypass the Windows Explorer setting to hide drives.

If you want to _really_ prevent access to data, either use appropriate ACLs (when using fixed drives) or use appropriate third-party software which will run as a driver and have hooks into filesystem calls in order to *really* prevent access to unwanted media.

Denis Jedig
syneticon GbR
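
An audit for the gap described in the message above, added here as an example and not part of the original post: it decodes the `NoDrives` and `NoViewOnDrive` registry values that store the two Explorer policies and reports, for each affected drive, whether the root ACL still grants read access to broad groups. The function name and the choice of which SIDs count as "broad" are assumptions of this example.

```powershell
# Added example: find drives that are only hidden by Explorer policy
# while their root ACL still lets ordinary users read them.
$policyKey = 'Software\Microsoft\Windows\CurrentVersion\Policies\Explorer'

# Assumption of this example: principals treated as "broad".
# Everyone, Authenticated Users, BUILTIN\Users (SIDs avoid localized names).
$broadSids = 'S-1-1-0', 'S-1-5-11', 'S-1-5-32-545'

function Get-PolicyDriveLetters {
    param([Parameter(Mandatory)][string]$ValueName)
    $mask = [int64]0
    foreach ($hive in 'HKLM:', 'HKCU:') {
        $path = '{0}\{1}' -f $hive, $policyKey
        $item = Get-ItemProperty -Path $path -Name $ValueName -ErrorAction SilentlyContinue
        if ($null -ne $item) { $mask = $mask -bor [int64]$item.$ValueName }
    }
    # Bit 0 = A:, bit 1 = B:, ... bit 25 = Z:
    0..25 | Where-Object { $mask -band ([int64]1 -shl $_) } |
        ForEach-Object { [string][char](65 + $_) }
}

$hidden  = @(Get-PolicyDriveLetters -ValueName 'NoDrives')
$blocked = @(Get-PolicyDriveLetters -ValueName 'NoViewOnDrive')

foreach ($letter in (@($hidden + $blocked) | Sort-Object -Unique)) {
    $root = '{0}:\' -f $letter
    if (-not (Test-Path -LiteralPath $root)) { continue }   # drive not present

    # Ask for the rules with SID identities so the match is language-neutral.
    $rules = (Get-Acl -LiteralPath $root).GetAccessRules(
        $true, $true, [System.Security.Principal.SecurityIdentifier])

    # Note: ACEs that use generic rights (raw GENERIC_* bits) are not decoded here.
    $readable = $rules | Where-Object {
        $_.AccessControlType -eq 'Allow' -and
        $broadSids -contains $_.IdentityReference.Value -and
        ($_.FileSystemRights -band [System.Security.AccessControl.FileSystemRights]::ReadData)
    }

    [pscustomobject]@{
        Drive             = $root
        Format            = [System.IO.DriveInfo]::new($root).DriveFormat
        HiddenInExplorer  = $hidden  -contains $letter
        BlockedInExplorer = $blocked -contains $letter
        BroadReadAllowed  = [bool]$readable
    }
}
```

Any row with `BroadReadAllowed` set to `True` is a drive where the Explorer policy is the only thing standing between users and the data.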