Link to home
Create AccountLog in
Avatar of Pau Lo
Pau Lo

asked on

app server acl concern

We have an application server with a share dedicated to the apps files. this application has a lot of "attachments" so stuff like PDFs, jpg images etc are stored here. we have just reviewed the ACL for the share, share - everyone F, directory has many groups but one that causes concern is builtin\users RWX.

Its a windows 2003 server, the docs arent sensitive/confidential, but what could rwx allow someone with malicious intentions to do to those files? Is there a risk?
Avatar of Pau Lo
Pau Lo

ASKER

Or can you think of any valid reason why a share with the applications files would be accessible with read write execute permissions to the builtin\users group?
ASKER CERTIFIED SOLUTION
Avatar of McKnife
McKnife
Flag of Germany image

Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
See answer
Avatar of Pau Lo

ASKER

I thought you could only delete with full access not read write or execute.
No, modify permissions are enough or write perms.