ACLs, partitions and users profiles

Discussion in 'Windows 7 Installation' started by balubeto, Jun 23, 2012.

  1. balubeto

    balubeto Well-Known Member

    Joined:
    Apr 27, 2012
    Messages:
    53
    Likes Received:
    0
    Hi

    In Windows7 SP1, I noticed that the ACLs of the root directory of a logical partition (D:) formatted NTFS are different from those of the root directory of the system partition (C:):

    Code:
    C:\Windows\system32>icacls c:\
    c:\ BUILTIN\Administrators:(F)
        BUILTIN\Administrators:(OI)(CI)(IO)(F)
        NT AUTHORITY\SYSTEM:(F)
        NT AUTHORITY\SYSTEM:(OI)(CI)(IO)(F)
        BUILTIN\Users:(OI)(CI)(RX)
        NT AUTHORITY\Authenticated Users:(OI)(CI)(IO)(M)
        NT AUTHORITY\Authenticated Users:(AD)
        Etichetta obbligatoria\Livello obbligatorio alto:(OI)(NP)(IO)(NW)
     
    Processing is complete for 1 file. Processing failed for file 0
     
    C:\Windows\system32>icacls d:\
    d:\ BUILTIN\Administrators:(F)
        BUILTIN\Administrators:(OI)(CI)(IO)(F)
        NT AUTHORITY\SYSTEM:(F)
        NT AUTHORITY\SYSTEM:(OI)(CI)(IO)(F)
        NT AUTHORITY\Authenticated Users:(M)
        NT AUTHORITY\Authenticated Users:(OI)(CI)(IO)(M)
        BUILTIN\Users:(RX)
        BUILTIN\Users:(OI)(CI)(IO)(GR,GE)
     
    Processing is complete for 1 file. Processing failed for file 0
    
    Why?

    If I were to move, in the logical partition, the users profiles (except the default profile) and the public directory, should I also change its ACLs to get a stable, secure and coherent or not?

    In particular, I wanted to know if these differences are caused solely from the partition type or if these work even on other levels of the system and users security.

    Thanks

    Bye
     
    #1 balubeto, Jun 23, 2012
    Last edited: Jun 23, 2012

Share This Page

Loading...