[WEB4LIB] Securing Window 2000 Help

[Mark Ellis]

Hi Donna,

You might want to pose this question on LIBNT-L.  To subscribe send an email
to LISTSERV at UTKVM1.UTK.EDU with "SUB LIBNT-L Donna Schumann" in the body.
It's a busy list covering all aspects of NT/Win2K in libraries.

The short answer to your question is to remove the read and execute
permission on explorer.exe for the public user.  Permissions changes can be
scripted using cacls.exe.  I can send you scripts for locking down NT 4, but
you may just want to ask on LIBNT-L because someone has probably already
done this for Win2K.


Mark Ellis
Manager, Reference and Information Services
Richmond Public Library  
Richmond, B.C.                      
(604) 231-6410
www.yourlibrary.ca


> -----Original Message-----
> From: Donna Schumann [mailto:schumann at timberland.lib.wa.us]
> Sent: Tuesday, June 12, 2001 3:40 PM
> To: Multiple recipients of list
> Subject: [WEB4LIB] Securing Window 2000 Help
> 
> 
> We are getting ready to deploy our first Windows 2000 Professional
> workstations, and we have run into a security issue that, so far, we
> haven't been able to figure out. In Windows 2000 Help, there is a link
> to the Windows Explorer. If you click on it, it launches 
> explorer, even
> when explorer.exe is listed as an application the user can 
> NOT run. How
> have others dealt with this?
> 
> Thanks! Donna
> 
> -- 
> Donna Schumann, Computer Application Specialist
> Timberland Regional Library, 415 Airdustrial Way SW, Olympia, WA 98506
> Voice: 360-704-4542  FAX: 360-586-6838  Email:
> schumann at timberland.lib.wa.us
>