[29789] in bugtraq


Oddities in Windows ACL inheritance

daemon@ATHENA.MIT.EDU (Nicolas RUFF (lists))
Tue Apr 15 13:55:00 2003

Message-ID: <3E9C2A88.2060205@edelweb.fr>
Date: Tue, 15 Apr 2003 17:51:36 +0200
From: "Nicolas RUFF (lists)" <ruff.lists@edelweb.fr>
To: bugtraq@securityfocus.com

	Hi all,

Let's have a look at Windows 2000/XP ACL inheritance oddities:
1/ Create a new file named "test.txt"
2/ Break ACL inheritance and apply custom ACL
3/ Rename "test.txt" to "othertest.txt"
4/ Check that ACL has not changed

Now:
1/ Use REGEDIT and create a new key (in HKCU for example) named "key"
2/ Break ACL inheritance and apply custom ACL
3/ Rename "key" to "newkey"
4/ ACL has been reset and is now inherited from parent!

It looks like the "rename" paradigm does not make sense for registry 
keys and REGEDIT has to create a new key, copy values, and delete the 
old key.

Bug or feature?

Regards,
- Nicolas RUFF
-----------------------------------
Security Consultant
EdelWeb (http://www.edelweb.fr/)
Mail : nicolas.ruff@edelweb.fr
-----------------------------------
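
The registry steps above can be checked on a given system with the following PowerShell script. It is an added example, not part of the original post: it records the key's DACL before and after a manual REGEDIT rename and reports whether the protected (non-inherited) ACL survived. The key names `AclRenameTest` and `AclRenameTestRenamed` and the helper `Get-KeyDaclState` are assumptions made for the example.

```powershell
# Constructed scratch key names under HKCU; only the four steps come from the post.
$parent  = 'HKCU:\Software'
$oldPath = Join-Path $parent 'AclRenameTest'
$newPath = Join-Path $parent 'AclRenameTestRenamed'

# Hypothetical helper: capture the inheritance flag and the DACL in SDDL form.
function Get-KeyDaclState {
    param([Parameter(Mandatory)][string]$Path)
    $acl = Get-Acl -Path $Path
    [pscustomobject]@{
        Path      = $Path
        Protected = $acl.AreAccessRulesProtected   # True = inheritance is broken
        Dacl      = $acl.GetSecurityDescriptorSddlForm('Access')
    }
}

# Steps 1-2: create the key, break inheritance, apply a custom ACL.
New-Item -Path $oldPath -Force | Out-Null
$acl = Get-Acl -Path $oldPath
$acl.SetAccessRuleProtection($true, $false)        # protect DACL, drop inherited ACEs
$me   = [System.Security.Principal.WindowsIdentity]::GetCurrent().User
$rule = New-Object System.Security.AccessControl.RegistryAccessRule `
    -ArgumentList $me, 'FullControl', 'ContainerInherit', 'None', 'Allow'
$acl.SetAccessRule($rule)
Set-Acl -Path $oldPath -AclObject $acl
$before = Get-KeyDaclState -Path $oldPath

# Step 3: the rename is done by hand, because the post is about REGEDIT's rename.
Read-Host 'In REGEDIT rename HKCU\Software\AclRenameTest to AclRenameTestRenamed, then press Enter' |
    Out-Null

# Step 4: compare the DACL on the renamed key with the one recorded earlier.
$after = Get-KeyDaclState -Path $newPath
$before, $after | Format-List
if ($after.Protected -and $before.Dacl -eq $after.Dacl) {
    'Custom ACL preserved across the rename.'
} else {
    'ACL changed across the rename: re-apply the custom ACL to the renamed key.'
}

# Clean up the scratch key.
Remove-Item -Path $newPath -Recurse
```

The script only reports what it observes, so the result depends on the Windows version and on the tool used for the rename.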

