• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 564
  • Last Modified:

SYSTEM group in Security Properties

Hello,
I would like to find out what the SYSTEM group is for in Security Properties for files in NTFS.  Can somebody please explain or refer me to a good site?  Main question is "What happens if I remove SYSTEM from the Security tab of a file?"
Thanks,

Greg

0
grkugel
Asked:
grkugel
  • 2
1 Solution
 
Jay_Jay70Commented:
Hi grkugel,

the system group is actually your system itself, dont remove it it should be there

the system needs to have access to these files for use of services etc - it is normal
0
 
grkugelAuthor Commented:
Hi Jay Jay,
This is usually what I used to do - just left SYSTEM properties unchanged.  This time, however, our engineer is using some strange software which requires that its config file is accessible by that user only.  
Through trial-and-error and by removing first "everyone", then "administrators", etc. that config file only started to work after I removed everything except for the user himself, including SYSTEM properties.  So I'm kinda curious about what might happen now with this file and with the system as a whole.
0
 
Jay_Jay70Commented:
hmm very interesting scenario! if you are removing simply on one or two directories that hold no importance other than to that of the app, then i cant see a problem, however i am not 100% sure as i always leave mine as is so as not to cause problems, trial and error is the key though if using third party tools!
0
 
kevinf40Commented:
Hi  grkugel

Sounds like they have coded the application with some security in mind by ensuring no other users could read or tamper with the config file (does it happen to contain usernames / passwords?) by making the application check the ACL of the directory.

From a technical standpoint there is no reason for the application not to work if it has the correct access regardless of whether other users have access or not...

Certainly for application specific directories removing the system account will not cause any issues.

The system account should in general be left for most directories though (although if you really want to secure a machine you can experiment with reducing it's permissions on some directories).

cheers

K
0

Featured Post

Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now