• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 158
  • Last Modified:

Policies to disable browsing 'my computer' don't prevent users from doing the same thing in Word and Excel

Hi,

On a W2K3 Terminal Server with many policies I found a very stupid securty leak. With the policies I've disallowed users to browse 'my computer'. They cannot go to c:\ or d:\ from the explorer address bar.

But when a user starts MS Office Word (or any other office application) it's possible to click 'my computer' from the 'file/open' menu. Also it's possible to browse to c:\ and d:\ from the file location bar.

Is there a way to make office applications more secure? To disable those features?

Frank.
0
tagnet
Asked:
tagnet
1 Solution
 
tagnetAuthor Commented:
Allready found this article http://support.microsoft.com/kb/826214/en-us
but that only removes the 'my places' icons. It still keeps the option open to manually enter a path in de file/open menu.

Anyone who has a solution for that?
0
 
rindiCommented:
Use ntfs file permissions and change the security there.
0
 
bbaoIT ConsultantCommented:
another kit:

Microsoft Shared Computer Toolkit for Windows XP
http://www.microsoft.com/windowsxp/sharedaccess/default.mspx

"This toolkit helps make it easy for anyone to set up, safeguard, and manage shared computers running Windows XP, such as those in schools, libraries, Internet cafes, and other public places."
0

Featured Post

Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now