|
|
When using the file or print manager or the clipboard on a computer running Windows for Workgroups, operative errors are possible when sharing directories, printers or pages of the clipboard. This can result in resources being shared unintentionally. The necessary password protection may be applied incorrectly or not at all if the user has not been sufficiently informed of the peer-to-peer functionality in Windows for Workgroups.
When using Windows 95, access rights have to be granted explicitly for a sharing, so that every user has to decide if and to whom access will be allowed. For Windows NT only one administrator can share files or directories.
As shared resources (except for the pages of the clipboard) are generally visible to all participants, other participants can detect and abuse this situation. It is possible for confidential data to be read, changed or deleted without authorisation. For instance, if a directory was shared with write access and without password protection, it would be possible to store files in that directory until the capacity of the hard disk was exhausted.
It should be noted that a shared directory will be shared automatically, if the option "Share during next start-up " is activated, without the user noticing this. For Windows 95 and Windows NT, the deactivation of the sharing must not be forgotten. In this case, the sharing must be deactivated explicitly, otherwise it will remain active even after a restart of the system.
Example:
After installation of the WfW user interface within a server-based LAN which was not accompanied by training, about 10% of all users shared the entire hard disk (root directory C:\).
| © Copyright
by Bundesamt für Sicherheit in der Informationstechnik |