archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6 Commits
1 Branch
0 Tags
3.8 GiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
windows-xp/Source/XPSP1/NT/termsrv/admtools/c2config/inf/low/c2ntfacl.inf

393 lines
9.9 KiB
Raw Permalink Normal View History

Add source files
4 years ago
  1. ; * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
  2. ;
  3. ; File System ACL definition file
  4. ;
  5. ; Use this file to set the ACL's on files and directories to the desired
  6. ; security. The format of each entry is:
  7. ;
  8. ; [DirPath]
  9. ; Domain\Account = [Predefined Access | FileAccessString [, DirAccessString]]
  10. ;
  11. ; [FilePath]
  12. ; Domain\Account = [Predefined Access | FileAccessString]
  13. ;
  14. ; where:
  15. ;
  16. ; FilePath is the path of the file or directory to set. This is in the
  17. ; format of a file path name. The file path may contain environment
  18. ; variables (such as %systemroot%) which will be expanded on the
  19. ; system running tha application.
  20. ;
  21. ; the last item in the FilePath string may be a directory, file,
  22. ; wildcard file or an exclamation ("!"). In the case of an exclamation
  23. ; all files and sub-directories of the preceeding path will be set
  24. ; to the specified security.
  25. ;
  26. ; for example:
  27. ;
  28. ; [%systemroot%\system32\!]
  29. ;
  30. ; would assign the security description of that section
  31. ; to all files and sub-directories UNDER the
  32. ; %systemroot\system32 directory as well as to the
  33. ; %systemroot\system32 directory itself. To assign
  34. ; security to just the files in that directory ,
  35. ; an entry such as the following would be needed:
  36. ;
  37. ; [%systemroot%\system32\*.*]
  38. ;
  39. ;
  40. ; Domain\Account
  41. ; specifies the account to recieve the specified access for that
  42. ; file. Account may be an account or a group. For Example to give
  43. ; permissions to all administrator accounts, the:
  44. ;
  45. ; BUILTIN\Administrators
  46. ;
  47. ; would be the correct entry.
  48. ;
  49. ; access string is defined as one of the following:
  50. ;
  51. ; a combination of access chars
  52. ;
  53. ; access
  54. ; char File Access Dir Access
  55. ; ---- ---------------- ----------------
  56. ; R = Read Data List Directory
  57. ; W = Write Data Add File
  58. ; X = Execute File Traverse Directory
  59. ; D = Delete Delete
  60. ; P = Change Perms Change Perms
  61. ; O = Take Ownership Take Ownership
  62. ;
  63. ; e.g. SYSTEM = RWXD
  64. ;
  65. ;
  66. ; there are also some predefined combination access keys:
  67. ;
  68. ; NONE = no access
  69. ; ALL = RWXDPO
  70. ;
  71. ; Standard Directory & File access references are:
  72. ;
  73. ; Access Access Granted
  74. ; Name (Dir)(File)
  75. ; ----------- ------------------
  76. ; FullControl = (ALL)(ALL)
  77. ; Change = (RWXD)(RWXD)
  78. ; AddRead = (RWX)(RX)
  79. ; Read = (RX)(RX)
  80. ; Add = (WX)(none specified)
  81. ; List = (RX)(none specified)
  82. ; NoAccess = (NONE)(NONE)
  83. ;
  84. ;
  85. ; * * * * * * * * * * * * N O T E * * * * * * * * * * * * * * * * *
  86. ;
  87. ; For correct application of the access control, the more restrictive
  88. ; access entries must be placed ahead of (on top of) the more permissive
  89. ; access. The correct "sort" order would be:
  90. ;
  91. ; NoAccess, List, Add, Read, AddRead, Change, FullControl
  92. ;
  93. ;
  94. ; * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
  95. ;
  96. ; NOTE: the security items are applied from the top of the file to the
  97. ; bottom. Because of that, top level directory entries with more re-
  98. ; strictive security should be at the top of the file and less restric-
  99. ; tive entries to specific users and/or specific files should be listed
  100. ; next.
  101. ;
  102. ; * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
  104. [%SystemDrive%\]
  105. Everyone = RWX
  106. BUILTIN\Administrators = FullControl
  107. CREATOR OWNER = FullControl
  108. SYSTEM = FullControl
  110. [%SystemDrive%\*.*]
  111. Everyone = RWX
  113. [%SystemDrive%\IO.SYS]
  114. Everyone = Change
  115. BUILTIN\Administrators = FullControl
  116. SYSTEM = FullControl
  118. [%SystemDrive%\MSDOS.SYS]
  119. Everyone = Change
  120. BUILTIN\Administrators = FullControl
  121. SYSTEM = FullControl
  123. [%SystemDrive%\BOOT.INI]
  124. BUILTIN\Administrators = FullControl
  125. SYSTEM = FullControl
  127. [%SystemDrive%\NTDETECT.COM]
  128. BUILTIN\Administrators = FullControl
  129. SYSTEM = FullControl
  131. [%SystemDrive%\NTLDR.]
  132. BUILTIN\Administrators = FullControl
  133. SYSTEM = FullControl
  135. [%SystemDrive%\AUTOEXEC.BAT]
  136. Everyone = Read
  137. BUILTIN\Administrators = FullControl
  138. SYSTEM = FullControl
  140. [%SystemDrive%\CONFIG.SYS]
  141. Everyone = Read
  142. BUILTIN\Administrators = FullControl
  143. SYSTEM = FullControl
  145. [%SystemDrive%\TEMP\!]
  146. Everyone = Change
  147. BUILTIN\Administrators = FullControl
  148. CREATOR OWNER = FullControl
  149. SYSTEM = FullControl
  151. ;[%SystemDrive%\USERS\!]
  152. ;Everyone = List
  153. ;BUILTIN\Administrators = FullControl
  154. ;SYSTEM = FullControl
  156. ;[%SystemDrive%\USERS\DEFAULT\!]
  157. ;Everyone = RWX
  158. ;CREATOR OWNER = FullControl
  159. ;SYSTEM = FullControl
  161. ;[%SystemDrive%\WIN32APP\!]
  162. ;Everyone = Read
  163. ;BUILTIN\Administrators = FullControl
  164. ;CREATOR OWNER = FullControl
  165. ;SYSTEM = FullControl
  167. ;[%SystemDrive%\Profiles\!]
  168. ;Everyone = RWX,R
  169. ;BUILTIN\Administrators = FullControl
  170. ;CREATOR OWNER = RX,RW
  171. ;SYSTEM = FullControl
  173. [%SystemRoot%\!]
  174. Everyone = Change
  175. BUILTIN\Administrators = FullControl
  176. CREATOR OWNER = FullControl
  177. SYSTEM = FullControl
  179. [%SystemRoot%\*.*]
  180. Everyone = Read
  181. BUILTIN\Administrators = FullControl
  182. SYSTEM = FullControl
  184. [%SystemRoot%\*.INI]
  185. Everyone = Change
  186. BUILTIN\Administrators = FullControl
  187. SYSTEM = FullControl
  189. ;[%SystemRoot%\LOCALMON.DLL]
  190. ;Everyone = Read
  191. ;BUILTIN\Power Users = Change
  192. ;BUILTIN\Administrators = FullControl
  193. ;SYSTEM = FullControl
  195. ;[%SystemRoot%\PRINTMAN.HLP]
  196. ;Everyone = Read
  197. ;BUILTIN\Power Users = Change
  198. ;BUILTIN\Administrators = FullControl
  199. ;SYSTEM = FullControl
  201. [%SystemRoot%\REPAIR\!]
  202. BUILTIN\Administrators = FullControl
  204. [%SystemRoot%\SYSTEM\*.*]
  205. Everyone = Read
  206. BUILTIN\Administrators = FullControl
  207. CREATOR OWNER = FullControl
  208. SYSTEM = FullControl
  210. [%SystemRoot%\SYSTEM32\*.*]
  211. Everyone = Read
  212. BUILTIN\Administrators = FullControl
  213. CREATOR OWNER = FullControl
  214. SYSTEM = FullControl
  216. [%SystemRoot%\SYSTEM32\AUTOEXEC.NT]
  217. Everyone = Change
  218. BUILTIN\Administrators = FullControl
  219. SYSTEM = FullControl
  221. [%SystemRoot%\SYSTEM32\CMOS.RAM]
  222. Everyone = Change
  223. BUILTIN\Administrators = FullControl
  224. SYSTEM = FullControl
  226. [%SystemRoot%\SYSTEM32\CONFIG.NT]
  227. Everyone = Change
  228. BUILTIN\Administrators = FullControl
  229. SYSTEM = FullControl
  231. [%SystemRoot%\SYSTEM32\MIDIMAP.CFG]
  232. Everyone = Change
  233. BUILTIN\Administrators = FullControl
  234. SYSTEM = FullControl
  236. ;[%SystemRoot%\SYSTEM32\PASSPORT.MID]
  237. ;Everyone = FullControl
  239. [%SystemRoot%\SYSTEM32\CONFIG]
  240. BUILTIN\Administrators = FullControl
  241. CREATOR OWNER = FullControl
  242. Everyone = List
  243. SYSTEM = FullControl
  245. [%SystemRoot%\SYSTEM32\CONFIG\*.*]
  246. Everyone = List
  247. BUILTIN\Administrators = FullControl
  248. CREATOR OWNER = FullControl
  249. SYSTEM = Fullontrol
  251. [%SystemRoot%\SYSTEM32\CONFIG\DEFAULT.LOG]
  252. Everyone = FullControl
  254. [%SystemRoot%\SYSTEM32\CONFIG\SAM.]
  255. Everyone = FullControl
  257. [%SystemRoot%\SYSTEM32\CONFIG\SAM.LOG]
  258. Everyone = FullControl
  260. [%SystemRoot%\SYSTEM32\CONFIG\SECURITY.]
  261. Everyone = FullControl
  263. [%SystemRoot%\SYSTEM32\CONFIG\SECURITY.LOG]
  264. Everyone = FullControl
  266. [%SystemRoot%\SYSTEM32\CONFIG\SYSTEM.]
  267. Everyone = FullControl
  269. [%SystemRoot%\SYSTEM32\CONFIG\SYSTEM.ALT]
  270. Everyone = FullControl
  272. [%SystemRoot%\SYSTEM32\CONFIG\SYSTEM.LOG]
  273. Everyone = FullControl
  275. ;[%SystemRoot%\SYSTEM32\CONFIG\USERDEF.]
  276. ;Everyone = Read
  277. ;SYSTEM = Change
  278. ;BUILTIN\Administrators = FullControl
  280. [%SystemRoot%\SYSTEM32\DHCP\!]
  281. Everyone = Read
  282. BUILTIN\Power Users = Change
  283. BUILTIN\Administrators = FullControl
  284. CREATOR OWNER = FullControl
  285. SYSTEM = FullControl
  287. [%SystemRoot%\SYSTEM32\DRIVERS\!]
  288. Everyone = Read
  289. BUILTIN\Administrators = FullControl
  290. CREATOR OWNER = FullControl
  291. SYSTEM = FullControl
  293. [%SystemRoot%\SYSTEM32\OS2\OSO001.009]
  294. Everyone = Read
  295. BUILTIN\Administrators = FullControl
  296. SYSTEM = FullControl
  298. [%SystemRoot%\SYSTEM32\OS2\DLL\DOSCALLS.DLL]
  299. Everyone = Read
  300. BUILTIN\Administrators = FullControl
  301. SYSTEM = FullControl
  303. [%SystemRoot%\SYSTEM32\OS2\DLL\NETAPI.DLL]
  304. Everyone = FullControl
  306. [%SystemRoot%\SYSTEM32\RAS]
  307. Everyone = Read
  308. BUILTIN\Power Users = Change
  309. BUILTIN\Administrators = FullControl
  310. CREATOR OWNER = FullControl
  311. SYSTEM = FullControl
  313. [%SystemRoot%\SYSTEM32\RAS\*.*]
  314. Everyone = Read
  315. BUILTIN\Administrators = FullControl
  316. SYSTEM = FullControl
  318. [%SystemRoot%\SYSTEM32\REPL\!]
  319. Everyone = Read
  320. BUILTIN\Administrators = FullControl
  321. CREATOR OWNER = FullControl
  322. SYSTEM = FullControl
  324. [%SystemRoot%\SYSTEM32\REPL\EXPORT]
  325. Everyone = Change
  326. BUILTIN\Administrators = FullControl
  327. CREATOR OWNER = FullControl
  328. SYSTEM = FullControl
  330. [%SystemRoot%\SYSTEM32\REPL\EXPORT\*.*]
  331. CREATOR OWNER = FullControl
  332. BUILTIN\Administrators = FullControl
  333. Everyone = Change
  334. SYSTEM = FullControl
  336. [%SystemRoot%\SYSTEM32\REPL\EXPORT\SCRIPTS]
  337. Everyone = Read
  338. BUILTIN\Replicator = Change
  339. BUILTIN\Administrators = FullControl
  340. CREATOR OWNER = FullControl
  341. SYSTEM = FullControl
  343. [%SystemRoot%\SYSTEM32\REPL\EXPORT\SCRIPTS\*.*]
  344. Everyone = Read
  345. BUILTIN\Replicator = Change
  346. BUILTIN\Administrators = FullControl
  347. CREATOR OWNER = FullControl
  348. SYSTEM = FullControl
  350. [%SystemRoot%\SYSTEM32\REPL\IMPORT]
  351. Everyone = Change
  352. BUILTIN\Administrators = FullControl
  353. CREATOR OWNER = FullControl
  354. SYSTEM = FullControl
  356. [%SystemRoot%\SYSTEM32\REPL\IMPORT\*.*]
  357. Everyone = Change
  358. BUILTIN\Administrators = FullControl
  359. CREATOR OWNER = FullControl
  360. SYSTEM = FullControl
  362. [%SystemRoot%\SYSTEM32\REPL\IMPORT\SCRIPTS]
  363. Everyone = Read
  364. BUILTIN\Replicator = Change
  365. BUILTIN\Administrators = FullControl
  366. CREATOR OWNER = FullControl
  367. SYSTEM = FullControl
  369. [%SystemRoot%\SYSTEM32\REPL\IMPORT\SCRIPTS\*.*]
  370. Everyone = Read
  371. BUILTIN\Replicator = Change
  372. BUILTIN\Administrators = FullControl
  373. CREATOR OWNER = FullControl
  374. SYSTEM = FullControl
  376. [%SystemRoot%\SYSTEM32\SPOOL\!]
  377. Everyone = Read
  378. BUILTIN\Power Users = Change
  379. BUILTIN\Administrators = FullControl
  380. CREATOR OWNER = FullControl
  381. SYSTEM = FullControl
  383. [%SystemRoot%\SYSTEM32\SPOOL\DRIVERS\W32X86\1]
  384. Everyone = FullControl
  386. [%SystemRoot%\SYSTEM32\SPOOL\PRTPROCS\W32X86\WINPRINT.DLL]
  387. Everyone = Read
  388. BUILTIN\Power Users = Change
  389. BUILTIN\Administrators = FullControl
  390. SYSTEM = FullControl
  392. [%SystemRoot%\SYSTEM32\WINS\!]
  393. Everyone = FullControl