I have been doing some risk assessment work on some MSSQL Servers. I have run the basic MBSA (baseline security analyser tool) over the systems, and it always flags up issues with the folder permissions. E.g. in one example it lists BUILTIN\Users as having some degree of access to the BINN folder.
Can I ask what would typically be in the BINN and DATA folders, and what is the risk if an unauthorised user had access to the BINN folder? And what is the risk if an unauthorised user had access to the DATA folder?
Secondly, if the BINN and DATA folders are within an administrative share – is this a false positive? I thought that if a folder was within an ADMIN share, it's only ever admins who have access to it, so I don’t quite understand how it can list BUILTIN\Users, unless it isn’t considering both share and directory permissions.