Solved

Policies to disable browsing 'my computer' don't prevent users from doing the same thing in Word and Excel

Posted on 2006-07-14
5
135 Views
Last Modified: 2013-12-04
Hi,

On a W2K3 Terminal Server with many policies I found a very stupid securty leak. With the policies I've disallowed users to browse 'my computer'. They cannot go to c:\ or d:\ from the explorer address bar.

But when a user starts MS Office Word (or any other office application) it's possible to click 'my computer' from the 'file/open' menu. Also it's possible to browse to c:\ and d:\ from the file location bar.

Is there a way to make office applications more secure? To disable those features?

Frank.
0
Comment
Question by:tagnet
5 Comments
 

Author Comment

by:tagnet
ID: 17111985
Allready found this article http://support.microsoft.com/kb/826214/en-us
but that only removes the 'my places' icons. It still keeps the option open to manually enter a path in de file/open menu.

Anyone who has a solution for that?
0
 
LVL 88

Accepted Solution

by:
rindi earned 250 total points
ID: 17113631
Use ntfs file permissions and change the security there.
0
 
LVL 37

Expert Comment

by:Bing CISM / CISSP
ID: 17113737
another kit:

Microsoft Shared Computer Toolkit for Windows XP
http://www.microsoft.com/windowsxp/sharedaccess/default.mspx

"This toolkit helps make it easy for anyone to set up, safeguard, and manage shared computers running Windows XP, such as those in schools, libraries, Internet cafes, and other public places."
0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many of us in IT utilize a combination of roaming profiles and folder redirection to ensure user information carries over from one workstation to another; in my environment, it was to enable virtualization without needing a separate desktop for each…
Users of Windows 10 Professional can disable automatic reboots using the policy editor. This tool is not included in the Windows home edition. But don't worry! Follow the instructions below to install (a Win7) policy editor on your Windows 10 Home e…
This Micro Tutorial will teach you how to censor certain areas of your screen. The example in this video will show a little boy's face being blurred. This will be demonstrated using Adobe Premiere Pro CS6.
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now