Is there any way to exploit a windows share when NTFS permission restrict it?
Posted on 2011-09-30
If a Windows Share is set up with the permission Everyone - Full Access, and only the Domain Admins group is configured as having access to the folder through NTFS permissions, is there any way that share then becomes a security vulnerablity?
Windows server management 101 has always dictated that share vs NTFS = the most restrictive permission always applies. that being the case, I wouldn't think it would matter from a security perspective what the share permission is set to as long as the folder's access is restricted by NTFS.
Historically, you always hear about how Windows shares open up security holes, however, I've never understood why it matters as long as NTFS is restricting access. i want to make sure I'm not missing something...