Microsoft Windows Vista Community Forums - Vistaheads
Recommended Download



Welcome to the Microsoft Windows Vista Community Forums - Vistaheads, YOUR Largest Resource for Windows Vista related information.

You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so , join our community today!

If you have any problems with the registration process or your account login, please contact us.

Driver Scanner

What level of protection do the hidden/non accessible folders have?

microsoft.public.windows.vista.administration accounts passwords






Speedup My PC
Reply
  #1 (permalink)  
Old 04-25-2007
Les
 

Posts: n/a
What level of protection do the hidden/non accessible folders have?
Hi

Running Vista Ultimate 32bit.

As far as I can see, there exists a number of folders on my computer which I
as administrator do not have permission/ownership of sufficient to open or
view the contents. Indeed, as an example, my Documents and Settings folder
properties doesn't even tell me if there are any contents in this/these
folders.

Question 1: Can this (or other similar folders) be exploited by malicious
software?
Question 2: Do virus scanners have access to these type of
folders/contents?
Question 3: Do other normal malware detection programs have sufficient
access to these folders/files?
Question 4: Why is it thought necessary to hide the contents of these
folders?

I have read elsewhere on these newsgroups, that an administrator has no need
to access these folders! Why? An administrator, by definition, *does have*
the *rights* to full access.

The Administrator word has been corrupted now. It doesn't give the
privileges needed. It has introduced a new higher level of authority, which
I have read described as 'super-administrator' - this whole debacle is
laughable. Why could the authority of administrator not have remained so?

I have also read that MS are trying to combat the situations where normal
users were made administrators just to lessen the support needed if their
authority was less! If this is the case, then MS are barking up the wrong
tree in my opinion as what is to stop those users from being elevated to the
'super-administrator' authority just to lessen the support?

As may be obvious, my knowledge/understanding is very limited. I speak only
as a home user, the only user on my computer, who is annoyed by some of the
new security ideas introduced. I had to redirect an installation to my User
folder so that I didn't get the constant UAC warnings which occurred if I
installed into the Program Files folder. I feel the 'big brother' approach
does not and never will prevent security problems - the security problems
will just become more sophisticated to deal with - I don't really want a set
of folders which may provide nice hiding places for malicious software. The
old fashioned 'look for file xxxxx.by in the zzzzz folder' to see if you
have a malicious software program on your computer no will longer be valid
when these 'no-access' folders exist.

OK, rant over - went slightly off topic, but couldn't help myself. The
initial questions do stand though.
--
regards,
Les Hay, Livingston, Scotland



---
avast! Antivirus: Outbound message clean.
Virus Database (VPS): 000736-0, 25/04/2007
Tested on: 25/04/2007 16:27:12
avast! - copyright (c) 1988-2007 ALWIL Software.
http://www.avast.com



Reply With Quote
Sponsored Links
  #2 (permalink)  
Old 04-25-2007
Mike Brannigan
 

Posts: n/a
Re: What level of protection do the hidden/non accessible folders have?
"Les" <leshayathome@hotmailREMOVE.com> wrote in message
news:ODwxz40hHHA.5008@TK2MSFTNGP02.phx.gbl...
> Hi
>
> Running Vista Ultimate 32bit.
>
> As far as I can see, there exists a number of folders on my computer which
> I as administrator do not have permission/ownership of sufficient to open
> or view the contents. Indeed, as an example, my Documents and Settings
> folder properties doesn't even tell me if there are any contents in
> this/these folders.
>
> Question 1: Can this (or other similar folders) be exploited by malicious
> software?
> Question 2: Do virus scanners have access to these type of
> folders/contents?
> Question 3: Do other normal malware detection programs have sufficient
> access to these folders/files?
> Question 4: Why is it thought necessary to hide the contents of these
> folders?
>
> I have read elsewhere on these newsgroups, that an administrator has no
> need to access these folders! Why? An administrator, by definition, *does
> have* the *rights* to full access.
>
> The Administrator word has been corrupted now. It doesn't give the
> privileges needed. It has introduced a new higher level of authority,
> which I have read described as 'super-administrator' - this whole debacle
> is laughable. Why could the authority of administrator not have remained
> so?
>
> I have also read that MS are trying to combat the situations where normal
> users were made administrators just to lessen the support needed if their
> authority was less! If this is the case, then MS are barking up the wrong
> tree in my opinion as what is to stop those users from being elevated to
> the 'super-administrator' authority just to lessen the support?
>
> As may be obvious, my knowledge/understanding is very limited. I speak
> only as a home user, the only user on my computer, who is annoyed by some
> of the new security ideas introduced. I had to redirect an installation to
> my User folder so that I didn't get the constant UAC warnings which
> occurred if I installed into the Program Files folder. I feel the 'big
> brother' approach does not and never will prevent security problems - the
> security problems will just become more sophisticated to deal with - I
> don't really want a set of folders which may provide nice hiding places
> for malicious software. The old fashioned 'look for file xxxxx.by in the
> zzzzz folder' to see if you have a malicious software program on your
> computer no will longer be valid when these 'no-access' folders exist.
>
> OK, rant over - went slightly off topic, but couldn't help myself. The
> initial questions do stand though.
> --
> regards,
> Les Hay, Livingston, Scotland




Les,

A number of the folders you are concerned about are not actually real
folders - but links (reparse points) to provide backward compatibility for
older applications now that the locations of certain folders have been moved
such as Users is the new replacement for Documents and Settings and so on.
They are hidden so you do not need to see them and confuse yourself about
them (as you have done so).
As they are links to the real locations ,AV software, backup software etc
will use them if it is legacy software that is not aware of the new
locations or knows how to make the appropriate calls to find them.

Go into your Documents (C:\Users\<username>\Documents) folder in an
administrative command prompt and run dir /a and you will see the ones
that are real folders and the ones that are other things and what they point
to
--

Mike Brannigan

Reply With Quote
  #3 (permalink)  
Old 04-25-2007
Les
 

Posts: n/a
Re: What level of protection do the hidden/non accessible folders have?
"Mike Brannigan" <Mike.Brannigan@localhost> wrote in message
news:73FA7D25-7D25-4BB0-89C2-780F7BD429A4@microsoft.com...
> "Les" <leshayathome@hotmailREMOVE.com> wrote in message
> news:ODwxz40hHHA.5008@TK2MSFTNGP02.phx.gbl...
>> Hi
>>
>> Running Vista Ultimate 32bit.
>>
>> As far as I can see, there exists a number of folders on my computer
>> which I as administrator do not have permission/ownership of sufficient
>> to open or view the contents. Indeed, as an example, my Documents and
>> Settings folder properties doesn't even tell me if there are any contents
>> in this/these folders.
>>
>> Question 1: Can this (or other similar folders) be exploited by
>> malicious software?
>> Question 2: Do virus scanners have access to these type of
>> folders/contents?
>> Question 3: Do other normal malware detection programs have sufficient
>> access to these folders/files?
>> Question 4: Why is it thought necessary to hide the contents of these
>> folders?
>>
>> I have read elsewhere on these newsgroups, that an administrator has no
>> need to access these folders! Why? An administrator, by definition, *does
>> have* the *rights* to full access.
>>
>> The Administrator word has been corrupted now. It doesn't give the
>> privileges needed. It has introduced a new higher level of authority,
>> which I have read described as 'super-administrator' - this whole debacle
>> is laughable. Why could the authority of administrator not have remained
>> so?
>>
>> I have also read that MS are trying to combat the situations where normal
>> users were made administrators just to lessen the support needed if their
>> authority was less! If this is the case, then MS are barking up the wrong
>> tree in my opinion as what is to stop those users from being elevated to
>> the 'super-administrator' authority just to lessen the support?
>>
>> As may be obvious, my knowledge/understanding is very limited. I speak
>> only as a home user, the only user on my computer, who is annoyed by some
>> of the new security ideas introduced. I had to redirect an installation
>> to my User folder so that I didn't get the constant UAC warnings which
>> occurred if I installed into the Program Files folder. I feel the 'big
>> brother' approach does not and never will prevent security problems - the
>> security problems will just become more sophisticated to deal with - I
>> don't really want a set of folders which may provide nice hiding places
>> for malicious software. The old fashioned 'look for file xxxxx.by in the
>> zzzzz folder' to see if you have a malicious software program on your
>> computer no will longer be valid when these 'no-access' folders exist.
>>
>> OK, rant over - went slightly off topic, but couldn't help myself. The
>> initial questions do stand though.
>> --
>> regards,
>> Les Hay, Livingston, Scotland

>
>
>
> Les,
>
> A number of the folders you are concerned about are not actually real
> folders - but links (reparse points) to provide backward compatibility for
> older applications now that the locations of certain folders have been
> moved such as Users is the new replacement for Documents and Settings and
> so on.
> They are hidden so you do not need to see them and confuse yourself about
> them (as you have done so).
> As they are links to the real locations ,AV software, backup software etc
> will use them if it is legacy software that is not aware of the new
> locations or knows how to make the appropriate calls to find them.
>
> Go into your Documents (C:\Users\<username>\Documents) folder in an
> administrative command prompt and run dir /a and you will see the ones
> that are real folders and the ones that are other things and what they
> point to
> --
>
> Mike Brannigan



Thanks Mike, that has eased my concerns over those folders (links).

However, far from hiding them to avoid confusion, I suspect that many, or
perhaps even most home users who want to at least try to manage their
computer, will see these and become confused if it were not for good
explanations given by people such as you.

--
regards,
Les Hay, Livingston, Scotland



---
avast! Antivirus: Outbound message clean.
Virus Database (VPS): 000736-0, 25/04/2007
Tested on: 25/04/2007 19:01:14
avast! - copyright (c) 1988-2007 ALWIL Software.
http://www.avast.com



Reply With Quote
  #4 (permalink)  
Old 04-25-2007
Mike Brannigan
 

Posts: n/a
Re: What level of protection do the hidden/non accessible folders have?
"Les" <leshayathome@hotmailREMOVE.com> wrote in message
news:%23LZo4O2hHHA.4300@TK2MSFTNGP05.phx.gbl...
> "Mike Brannigan" <Mike.Brannigan@localhost> wrote in message
> news:73FA7D25-7D25-4BB0-89C2-780F7BD429A4@microsoft.com...
>> "Les" <leshayathome@hotmailREMOVE.com> wrote in message
>> news:ODwxz40hHHA.5008@TK2MSFTNGP02.phx.gbl...
>>> Hi
>>>
>>> Running Vista Ultimate 32bit.
>>>
>>> As far as I can see, there exists a number of folders on my computer
>>> which I as administrator do not have permission/ownership of sufficient
>>> to open or view the contents. Indeed, as an example, my Documents and
>>> Settings folder properties doesn't even tell me if there are any
>>> contents in this/these folders.
>>>
>>> Question 1: Can this (or other similar folders) be exploited by
>>> malicious software?
>>> Question 2: Do virus scanners have access to these type of
>>> folders/contents?
>>> Question 3: Do other normal malware detection programs have sufficient
>>> access to these folders/files?
>>> Question 4: Why is it thought necessary to hide the contents of these
>>> folders?
>>>
>>> I have read elsewhere on these newsgroups, that an administrator has no
>>> need to access these folders! Why? An administrator, by definition,
>>> *does have* the *rights* to full access.
>>>
>>> The Administrator word has been corrupted now. It doesn't give the
>>> privileges needed. It has introduced a new higher level of authority,
>>> which I have read described as 'super-administrator' - this whole
>>> debacle is laughable. Why could the authority of administrator not have
>>> remained so?
>>>
>>> I have also read that MS are trying to combat the situations where
>>> normal users were made administrators just to lessen the support needed
>>> if their authority was less! If this is the case, then MS are barking up
>>> the wrong tree in my opinion as what is to stop those users from being
>>> elevated to the 'super-administrator' authority just to lessen the
>>> support?
>>>
>>> As may be obvious, my knowledge/understanding is very limited. I speak
>>> only as a home user, the only user on my computer, who is annoyed by
>>> some of the new security ideas introduced. I had to redirect an
>>> installation to my User folder so that I didn't get the constant UAC
>>> warnings which occurred if I installed into the Program Files folder. I
>>> feel the 'big brother' approach does not and never will prevent security
>>> problems - the security problems will just become more sophisticated to
>>> deal with - I don't really want a set of folders which may provide nice
>>> hiding places for malicious software. The old fashioned 'look for file
>>> xxxxx.by in the zzzzz folder' to see if you have a malicious software
>>> program on your computer no will longer be valid when these 'no-access'
>>> folders exist.
>>>
>>> OK, rant over - went slightly off topic, but couldn't help myself. The
>>> initial questions do stand though.
>>> --
>>> regards,
>>> Les Hay, Livingston, Scotland

>>
>>
>>
>> Les,
>>
>> A number of the folders you are concerned about are not actually real
>> folders - but links (reparse points) to provide backward compatibility
>> for older applications now that the locations of certain folders have
>> been moved such as Users is the new replacement for Documents and
>> Settings and so on.
>> They are hidden so you do not need to see them and confuse yourself about
>> them (as you have done so).
>> As they are links to the real locations ,AV software, backup software etc
>> will use them if it is legacy software that is not aware of the new
>> locations or knows how to make the appropriate calls to find them.
>>
>> Go into your Documents (C:\Users\<username>\Documents) folder in an
>> administrative command prompt and run dir /a and you will see the
>> ones that are real folders and the ones that are other things and what
>> they point to
>> --
>>
>> Mike Brannigan

>
>
> Thanks Mike, that has eased my concerns over those folders (links).
>
> However, far from hiding them to avoid confusion, I suspect that many, or
> perhaps even most home users who want to at least try to manage their
> computer, will see these and become confused if it were not for good
> explanations given by people such as you.
>
> --
> regards,
> Les Hay, Livingston, Scotland


Les,

One other quick thing is that the default setting is not to show "hidden
files and folders" so again a regular use will not even see the reparse
points as they are not displayed by default.
Obviously if you go turn on display of OS system and hidden files you will
be exposed to more of the guts of the system and this may raise questions
that would not normally have occurred to the end user.

--

Mike Brannigan

Reply With Quote
Reply


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Password Protection on Folders Douglas Porter microsoft.public.windows.vista.mail 1 04-14-2007 01:59
"Windows Live OneCare has changed your firewall protection level" Gary VanderMolen microsoft.public.windows.vista.general 8 03-16-2007 02:13
"Windows Live OneCare has changed your firewall protection level" Gary VanderMolen microsoft.public.windows.vista.security 8 03-16-2007 02:13
finding hidden folders =?Utf-8?B?RFc=?= microsoft.public.windows.vista.general 1 03-01-2007 12:39
Accessing hidden folders =?Utf-8?B?bWVyaXpvcw==?= microsoft.public.windows.vista.general 3 03-01-2007 09:08




All times are GMT +1. The time now is 22:55.




Driver Scanner - Free Scan Now

Vistaheads.com is part of the Heads Network. See also XPHeads.com , Win7Heads.com and Win8Heads.com.


Design by Vjacheslav Trushkin for phpBBStyles.com.
Powered by vBulletin® Version 3.6.7
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Search Engine Optimization by vBSEO 3.6.0 RC 2

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120