[25422] in bugtraq
Re: Nearly undocumented NT security feature - the solution to executable attachments?
daemon@ATHENA.MIT.EDU (Vanja Hrustic)
Fri May 10 22:38:35 2002
Date: Fri, 10 May 2002 03:41:50 +0700
From: Vanja Hrustic <vanja@pobox.com>
To: bugtraq@securityfocus.com
Message-Id: <20020510034150.12f91c04.vanja@pobox.com>
In-Reply-To: <5.1.0.14.0.20020507152125.0279f718@pop3.aldebaran>

On Tue, 07 May 2002 22:28:33 +0200
"KJK::Hyperion" <noog@libero.it> wrote:

> MYTH: Windows NT users cannot defend from e-mail borne malware, because
> unlike in Unix all files in Windows NT are executable, and the only
> protection against this is antivirus software (read on Usenet)
>
> FACT: all files, in Windows NT, are merely executable *by default*. In
> fact not only execution of files can be restricted on a per-file basis,
> but it can be restricted more efficiently than on Unix, and using only
> features of the operating system

Yeah, right.

Something I *really* want to find out (and this is not intended to be a flame),
is:

Is it possible to have an NTFS partition under Windows 2000 (or XP, if
that matters) 'mounted' in the same way as a UNIX partition is mounted with
the 'noexec' option? For example, if I wish that nothing can be executed on the D:
disk (for example, which is not a disk where Win2000 resides, in my case),
what would I have to do?

I am very well aware that 'noexec' doesn't help much (at least on Linux)
if someone wants to execute a binary. That's not what I am interested in,
anyway. I would like to know how I can prevent 'accidental' execution of
binaries in Windows 2000/XP, on a partition level, not on a 'directory
level' (with ACLs).

Thanks in advance.

Vanja