Default c$ shares permissions
Posted on 2014-01-28
It seems common knowledge with users they can use \\%computername%\c$ etc. to get to their C drives, even when C drive access has been carefully hidden from explorer by their IT depts.
On Windows XP default permissions for the C$ share was to only allow access to the local Administrators group. In Windows 7 it seems it shows Everyone, full control in NET SHARE C$ though it also shows the same in Windows 2003/2008 server and they prompt for admin credentials if the user isn't an admin on there.
This is in domain environment, and on my own kit non-domain as "work" network.
OK you need to be authenticated in some way and guest will (should) be disabled but anyone can access anyone's C drive.... really?!
Have read various documents all of which go nowhere.
NET SHARE C$ as a non admin user hows "Access Denied" to show the permissions BUT the same non admin user can view in explorer or PUSHD \\%computername%\c$ etc.
So have I missed an obvious policy to tie this down, or anything else for this?
I suppose we could disable admin shares through policy and try add new C$ hidden shares with specific permissions if wanted through policy again?