[Esd-l] macro scanner: defang instead of refuse

Scott Taylor scott at dctchambers.com
Wed Jun 5 08:48:01 PDT 2002


At 08:10 AM 05/06/2002, you wrote:
>On Wed, Jun 05, 2002 at 08:00:12AM +0100, Graham Murray wrote:
>
>Actually, the MS "blessed" procedure is:
>
>1. Create a global group containing the users you wish to access the
>share.
>2. Create a local group on the workstation with the share.
>3. Populate the local group with the global group from the first step.
>4. Modify the ACL on the share to allow the local group access.
>
>And NT share ACLs are not so fine grained, but NTFS ACLs are (5
>properties vs the standard 3 for UFS). *shrug*

Actually there are 4 standard ACLs in most *nix file systems, but only 3 
permission sets are normally needed.  On real network machines, with real 
security, domains are handled at the network level, not the file level.

>ObSanitizer: Is there any advantage to mangling office filenames
>(do[tc],xls, etc) with the new Outlook "security" patches installed?

Are seat belts still useful even though we have forward and side airbags?

Wasn't too long ago that the "New Outlook Security Patches" were patched.

The best Outlook security patch: Eudora. (or Pine, or Netscape Mail, or ...)

;)

Scott.



More information about the esd-l mailing list