[264] in winnt
Re: Securing the WinNT root.
daemon@ATHENA.MIT.EDU (Stephen D. Dowdy)
Mon Nov 16 16:29:50 1998
Date: Mon, 16 Nov 1998 16:28:54 -0500
To: "Paul B. Hill" <pbh@MIT.EDU>, ntpartners@MIT.EDU
From: "Stephen D. Dowdy" <sdowdy@MIT.EDU>
In-Reply-To: <3.0.2.32.19981116154733.03b57510@po10.mit.edu>
Paul... when you get a chance....
I've heard that a rumor that NT 5 compliance may mean not to have .ini
files but rather include these things in the registry. It seems to me that
will only complicate things more cause now we'll need to allow user access
to the registry. Is/are these rumors or is there a real direction towards
the use of registry over .ini ??? If so... will registry now have its own
set of permissions so that administrators can do their thing and users can
store preferences without worrying about other users preferences? Also, as
this thing continues to grow, how the heck will we ever know how to clean
it up? I already am seeing many user profiles proliferating across many
machines. At least I know which ones I might delete from the local
machine. I certainly wouldn't want to start scanning the registry for
potential clean-up activities.
At 03:47 PM 11/16/98 -0500, Paul B. Hill wrote:
>>...I've actually had more problems with application directories than with NT
>>itself. An appalling number of programs keep config files in their
>>application executable directories, and require user write access to the
>>config files, the application directories, and in some cases even the
>>application's own executables. ...
>
>This is the major reason why I have not tried to document any
>recommendations yet. Unfortunately, at the present time, the only practical
>answer is that each machine must be reviewed on an individual basis because
>it depends which applications or services will be running on the machine.
>
>The NT 5.0 Logo program does try to make it clear to developers how their
>applications should behave. Eventually it should be possible to secure
>major directories without breaking many of the applications that are
>important to the users.
>
>Paul
>
