Solved

ownership

Posted on 1998-01-26
10
441 Views
Last Modified: 2013-12-23
Is there a utility to give away ownership of a file/folder?

Thanks
0
Comment
Question by:jmprice
  • 4
  • 3
  • 2
  • +1
10 Comments
 
LVL 4

Accepted Solution

by:
TimCaturaHouser earned 50 total points
ID: 1570648
You have GOT to be joking!

That would violate DoD C-2 (Orange) Security!

If such a thing was ever created, Ms would have a patch out so fast, the modems wouldn't finish disconnecting from a session, before Redmond would 1) Issue a patch. 2) Hire a foreign assassin to take care of the programmer who wrote it.

The war between Novell and Ms over C-2 Security is not something either side takes lightly. (Even if the commerical world doesn't understand the true defination of C-2 (any color) or that C-2 is only one click higher than the lowest grade (D-x) ) They here DoD
(Dept. of Defense) and figure there business is safe. Bad assumption, but that is marketing, vs. engineering.  To give away rights or permissions, well that would make nt no more secure than '95!


0
 
LVL 5

Expert Comment

by:snimmaga
ID: 1570649
I don't know about this, if the question was that deep compromising C2 security.  If the question is "Is it possible to take ownership of a file or a folder", THEN I would say 'YES'.
All you need to take ownership of a file is the USER RIGHT, 'TAKE OWNERSHIP OF A FILE OR OBJECTS' from Policies+UserRights in the User Manager.  I guess Admins and Power Users have this by default.  But ofcourse you can give this to anybody.  Once the ownership is transfered you can revoke the right.
Ps: It is rather TAKE OWNERSHIP, not, GIVE OWNERSHIP.  
Good Luck,
Srini.
BTW, once you have the right to take over, all you need to do is to right click on file/folder - go to properties.  You will find 'Take ownership' on of the tabs of the window (I think Security).

0
 
LVL 4

Expert Comment

by:TimCaturaHouser
ID: 1570650
Hello snimmaga!

The question was Give, not take. Prehaps that is not what the question was meant to be. Giving ownership would be a major violation of security. I can see it now. I go in and mess with accounting, steal 250,000, and give owership of the account to you. Who would the cops be looking for? You, not me.

You are correct on how to take ownership, right down to the security tab, then one warning is given. Say yes, there your files/directories, (assuming valid rights), and you cannot give them away. Nor could I take ownership of accounting, take money, and give it back to accounting.

DoD security is a marketing deal for both Novell and Microsoft. It demostrates the brief blurb I have outlined, cannot be done,
at least not without access to desktops and passwords.
0
 
LVL 5

Expert Comment

by:snimmaga
ID: 1570651
I guess this is too much of arguing on an invalid subject, here. JMPRICE, should come up and clarify what his question is about GIVE/TAKE.  
Srini.
0
 
LVL 4

Expert Comment

by:TimCaturaHouser
ID: 1570652
Srini, I agree that the topic may have been incorrectly stated. Again, you are completely on-track with Taking ownership. I have been able to change the name of a member server (not a PDC), and had to take ownershihip as the administrator of the data files, then once they had something besides UNKNOWN, was able to add rights for the users, then remove myself.

No such luck with a PDC. But, useful tidbit in some cases. Again, thanks for your excelent presentation on taking ownership!

Look forward to hearing from you soon.
Tim
0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 
LVL 1

Expert Comment

by:kuk010998
ID: 1570653
It *is* possible to 'give' ownership of a file system object to another account - using the Backup/restore special right with Win32 API functions. How else could scopy work? I´ve done it - only had problems doing it to directories. Maybe I should also have looked into the ImpersonateClient functions...
0
 
LVL 4

Expert Comment

by:TimCaturaHouser
ID: 1570654
Thanks Kuk!

Could you Please! Detail further how this would work?
If you can create a step by step, you would be famous!
0
 
LVL 1

Expert Comment

by:kuk010998
ID: 1570655
TCH - omigod, that´s years ago (about 3)... Let me see if I can find *those* sources (I connected jukeboxes to NT Servers when there were no drivers and did the software meself). Could take a while. And then I could only tell which API Functions / Parameters are involved, you´d need C and the SDK to do the utility - I don´t think jmprice wants to hire me to do this pgm. BTW, has anyone checked with ntinternals? the OSR guys are good at this kind of stuff.
0
 
LVL 5

Expert Comment

by:snimmaga
ID: 1570656
Kuk, BTW, could you please tell me what kind of Juke boxes you used on NT Servers and also the software for the optical file system?   I posted a question in the NT General questions area.  I have all kinds of problems with Panasonic PD/CD Juke box.  Could you please comment on this.... Thanks.
Srini.
Sorry guys for that I brought up something entirely different.  

0
 

Author Comment

by:jmprice
ID: 1570657
Wow, quite a converstation going on about this.  I was talking about giving ownership.  It can be done from a mac connected to the nt server (sharing properties), where you just type in the owner name...  The reason I ask is because we share all of the user's home dirs, so when I create a user, nt says it cannot create the directory \\servername\username of course, because the folder hasn't been shared yet.  so I create the homedirs, but then administrator is the owner.
Thanks for all the comments!


0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

FIPS stands for the Federal Information Processing Standardisation and FIPS 140-2 is a collection of standards that are generically associated with hardware and software cryptography. In most cases, people can refer to this as the method of encrypti…
Downtime reduced, data recovered by utilizing an Experts Exchange Business Account Challenge The United States Marine Corps employs more than 200,000 active-duty Marines with operations in four continents, all requiring complex networking system…
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now