archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
8 Commits
1 Branch
0 Tags
2.0 GiB
Tree: 744f0b4006
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '744f0b4006'
${ noResults }
windows-xp/Source/XPSP1/NT/ds/security/winsafer/test/setacl.cmd

46 lines
2.2 KiB
Raw Normal View History

Add source files
4 years ago
  1. @echo off
  3. echo This batch file will modify some ACL permissions on the current
  4. echo user's profile directories, allowing the RESTRICTED user to access
  5. echo some parts of the profile, while denying access to others.
  6. echo This operation requires that the path shown below be on an NTFS
  7. echo file system.
  8. echo.
  9. echo "%UserProfile%"
  10. echo.
  11. echo You can abort this script now, or...
  12. pause
  14. rem Grant RESTRICTED read-only to everything
  15. cacls.exe "%UserProfile%" /e /t /g restricted:r
  17. rem Revoke RESTRICTED access to these private areas.
  18. cacls.exe "%UserProfile%\application data\identities" /e /t /r restricted
  19. cacls.exe "%UserProfile%\application data\microsoft\crypto" /e /t /r restricted
  20. cacls.exe "%UserProfile%\application data\microsoft\protect" /e /t /r restricted
  21. cacls.exe "%UserProfile%\local settings\application data\identities" /e /t /r restricted
  22. cacls.exe "%UserProfile%\local settings\application data\microsoft\crypto" /e /t /r restricted
  23. cacls.exe "%UserProfile%\local settings\application data\microsoft\protect" /e /t /r restricted
  25. rem Even worse, deny RESTRICTED to these private areas.
  26. cacls.exe "%UserProfile%\application data\identities" /e /t /d restricted
  27. cacls.exe "%UserProfile%\application data\microsoft\crypto" /e /t /d restricted
  28. cacls.exe "%UserProfile%\application data\microsoft\protect" /e /t /d restricted
  29. cacls.exe "%UserProfile%\local settings\application data\identities" /e /t /d restricted
  30. cacls.exe "%UserProfile%\local settings\application data\microsoft\crypto" /e /t /d restricted
  31. cacls.exe "%UserProfile%\local settings\application data\microsoft\protect" /e /t /d restricted
  33. rem Grant change control to the temporary folders.
  34. cacls.exe "%UserProfile%\local settings\temp" /e /t /g restricted:c
  35. cacls.exe "%UserProfile%\local settings\temporary internet files" /e /t /g restricted:c
  37. rem Revoke and deny access to our documents, too.
  38. rem Causes access denied on common dlg file open though.
  39. rem cacls.exe "%UserProfile%\My Documents" /e /t /r restricted
  40. rem cacls.exe "%UserProfile%\My Documents" /e /t /d restricted
  42. rem Revoke and deny access to cookies.
  43. cacls.exe "%UserProfile%\Cookies" /e /t /r restricted
  44. cacls.exe "%UserProfile%\Cookies" /e /t /d restricted
  46. pause