Hi,

I'm trying to find out whether it is necessary to change the existing
Windows 2000 security for the Everyone group which has 'Full Control' on the
following folder:
c:\winnt\system32\inetsrv\data

When I view the security for c:\winnt, it shows that Everyone does not have
allowable access to c:\winnt . When I view the security for the system32
folder, it shows that Everyone does not have allowable access to the system32
folder. When I view the security for the inetsrv folder, Everyone doesn't
even show up in the group list. Last, when I view the security for the data
folder, Everyone has 'Full Control' on this folder. Given all of the above,
would the Everyone group in actuality have 'Full Control' of the data folder
although Everyone does not have access to the upper level folders?

One more question, does anybody know if IIS via the Everyone group can
handle a read permission on the aforementioned data folder or is more access
required?

Any assistance would be appreciated in this matter. Thanks in advance.

Show quote Hide quote Correct - if the Everyone group has the "Bypass Traverse Checking" NT user
right.

Cheers
Ken

Show quoteHide quote

Hi Ken,

Thanks for your quick response and for the answer to my question. In this
particular case, Everyone does have Traversing privileges, and as such, we'll
have to revise it's access to the data folder accordingly. Thanks again.

MiddEware

IIS7 with multiple web sites - Windows Auth only working on localhost
Could not load type 'System.Web.Security.AccessRoleProvider'
UNC Share causing Internal Server Error 500
Virus in IFRAME injected into our ASP pages (downloader trojan on client)
Login not require a domain in IIS hosted site?
Dual https on same server not working
Certificate Installed Now I can't log into the Site
ITS Windows 2003 IIS 6.0 SSL - error 404
Disable or Control certificate auto-import?
IIS Authentication