mirror of https://github.com/tongzx/nt5src
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
688 lines
17 KiB
688 lines
17 KiB
; * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
|
|
;
|
|
; File System ACL definition file
|
|
;
|
|
; Use this file to set the ACL's on files and directories to the desired
|
|
; security. The format of each entry is:
|
|
;
|
|
; [DirPath]
|
|
; Domain\Account = [Predefined Access | FileAccessString [, DirAccessString]]
|
|
;
|
|
; [FilePath]
|
|
; Domain\Account = [Predefined Access | FileAccessString]
|
|
;
|
|
; where:
|
|
;
|
|
; FilePath is the path of the file or directory to set. This is in the
|
|
; format of a file path name. The file path may contain environment
|
|
; variables (such as %systemroot%) which will be expanded on the
|
|
; system running tha application.
|
|
;
|
|
; the last item in the FilePath string may be a directory, file,
|
|
; wildcard file or an exclamation ("!"). In the case of an exclamation
|
|
; all files and sub-directories of the preceeding path will be set
|
|
; to the specified security.
|
|
;
|
|
; for example:
|
|
;
|
|
; [%systemroot%\system32\!]
|
|
;
|
|
; would assign the security description of that section
|
|
; to all files and sub-directories UNDER the
|
|
; %systemroot\system32 directory as well as to the
|
|
; %systemroot\system32 directory itself. To assign
|
|
; security to just the files in that directory ,
|
|
; an entry such as the following would be needed:
|
|
;
|
|
; [%systemroot%\system32\*.*]
|
|
;
|
|
;
|
|
; Domain\Account
|
|
; specifies the account to recieve the specified access for that
|
|
; file. Account may be an account or a group. For Example to give
|
|
; permissions to all administrator accounts, the:
|
|
;
|
|
; BUILTIN\Administrators
|
|
;
|
|
; would be the correct entry.
|
|
;
|
|
; access string is defined as one of the following:
|
|
;
|
|
; a combination of access chars
|
|
;
|
|
; access
|
|
; char File Access Dir Access
|
|
; ---- ---------------- ----------------
|
|
; R = Read Data List Directory
|
|
; W = Write Data Add File
|
|
; X = Execute File Traverse Directory
|
|
; D = Delete Delete
|
|
; P = Change Perms Change Perms
|
|
; O = Take Ownership Take Ownership
|
|
;
|
|
; e.g. SYSTEM = RWXD
|
|
;
|
|
;
|
|
; there are also some predefined combination access keys:
|
|
;
|
|
; NONE = no access
|
|
; ALL = RWXDPO
|
|
;
|
|
; Standard Directory & File access references are:
|
|
;
|
|
; Access Access Granted
|
|
; Name (Dir)(File)
|
|
; ----------- ------------------
|
|
; FullControl = (ALL)(ALL)
|
|
; Change = (RWXD)(RWXD)
|
|
; AddRead = (RWX)(RX)
|
|
; Read = (RX)(RX)
|
|
; Add = (WX)(none specified)
|
|
; List = (RX)(none specified)
|
|
; NoAccess = (NONE)(NONE)
|
|
;
|
|
;
|
|
; * * * * * * * * * * * * N O T E * * * * * * * * * * * * * * * * *
|
|
;
|
|
; For correct application of the access control, the more restrictive
|
|
; access entries must be placed ahead of (on top of) the more permissive
|
|
; access. The correct "sort" order would be:
|
|
;
|
|
; NoAccess, List, Add, Read, AddRead, Change, FullControl
|
|
;
|
|
;
|
|
; * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
|
|
;
|
|
; NOTE: the security items are applied from the top of the file to the
|
|
; bottom. Because of that, top level directory entries with more re-
|
|
; strictive security should be at the top of the file and less restric-
|
|
; tive entries to specific users and/or specific files should be listed
|
|
; next.
|
|
;
|
|
; * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
|
|
|
|
|
|
; remove access for Everyone for whole drive
|
|
|
|
[%SystemDrive%\!]
|
|
BUILTIN\Administrators = FullControl
|
|
SYSTEM = FullControl
|
|
|
|
[%SystemDrive%\]
|
|
BUILTIN\Users = List
|
|
;Anonymous = List
|
|
BUILTIN\Administrators = FullControl
|
|
SYSTEM = FullControl
|
|
|
|
[%SystemDrive%\*.*]
|
|
BUILTIN\Users = R
|
|
;Anonymous = R
|
|
BUILTIN\Administrators = FullControl
|
|
SYSTEM = FullControl
|
|
|
|
[%SystemDrive%\IO.SYS]
|
|
BUILTIN\Administrators = FullControl
|
|
SYSTEM = FullControl
|
|
|
|
[%SystemDrive%\MSDOS.SYS]
|
|
BUILTIN\Administrators = FullControl
|
|
SYSTEM = FullControl
|
|
|
|
[%SystemDrive%\BOOT.INI]
|
|
BUILTIN\Administrators = FullControl
|
|
SYSTEM = FullControl
|
|
|
|
[%SystemDrive%\NTDETECT.COM]
|
|
BUILTIN\Administrators = FullControl
|
|
SYSTEM = FullControl
|
|
|
|
[%SystemDrive%\NTLDR.]
|
|
BUILTIN\Administrators = FullControl
|
|
SYSTEM = FullControl
|
|
|
|
[%SystemDrive%\AUTOEXEC.BAT]
|
|
BUILTIN\Administrators = FullControl
|
|
SYSTEM = FullControl
|
|
|
|
[%SystemDrive%\CONFIG.SYS]
|
|
BUILTIN\Administrators = FullControl
|
|
SYSTEM = FullControl
|
|
|
|
[%SystemDrive%\TEMP\!]
|
|
BUILTIN\Users = RWX
|
|
;Anonymous = RWX
|
|
CREATOR OWNER= RWXD, RWD
|
|
BUILTIN\Administrators = FullControl
|
|
SYSTEM = FullControl
|
|
|
|
;[%SystemDrive%\USERS\!]
|
|
;BUILTIN\Users = R
|
|
;Anonymous = R
|
|
;CREATOR OWNER= RWXD, RWD
|
|
;BUILTIN\Administrators = FullControl
|
|
;SYSTEM = FullControl
|
|
|
|
;[%SystemDrive%\USERS\DEFAULT\!]
|
|
;BUILTIN\Users = RWD, RWD
|
|
;Anonymous = RWD, RWD
|
|
;CREATOR OWNER= RWXD, RWD
|
|
;SYSTEM = FullControl
|
|
;BUILTIN\Administrators = FullControl
|
|
|
|
;[%SystemDrive%\WIN32APP\!]
|
|
;SYSTEM = FullControl
|
|
;BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\!]
|
|
BUILTIN\Users = READ
|
|
;Anonymous = READ
|
|
BUILTIN\Administrators = FullControl
|
|
SYSTEM = FullControl
|
|
|
|
;cannot deny users since it breaks WIN16 apps
|
|
;[%SystemRoot%]
|
|
;BUILTIN\Administrators = FullControl
|
|
;SYSTEM = FullControl
|
|
|
|
[%SystemRoot%\*.*]
|
|
BUILTIN\Users = Read
|
|
;Anonymous = Read
|
|
BUILTIN\Administrators = FullControl
|
|
SYSTEM = FullControl
|
|
|
|
[%SystemRoot%\*.INI]
|
|
BUILTIN\Users = READ
|
|
;Anonymous = READ
|
|
BUILTIN\Administrators = FullControl
|
|
SYSTEM = FullControl
|
|
|
|
[%SystemRoot%\HELP\]
|
|
BUILTIN\Users = Change
|
|
;Anonymous = Change
|
|
BUILTIN\Administrators = FullControl
|
|
SYSTEM = FullControl
|
|
|
|
[%SystemRoot%\REPAIR\!]
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM\*.*]
|
|
BUILTIN\Users = Read
|
|
;Anonymous = Read
|
|
BUILTIN\Administrators = FullControl
|
|
SYSTEM = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\*.*]
|
|
BUILTIN\Users = Read
|
|
;Anonymous = Read
|
|
BUILTIN\Administrators = FullControl
|
|
SYSTEM = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\AUTOEXEC.NT]
|
|
BUILTIN\Users = READ
|
|
;Anonymous = READ
|
|
BUILTIN\Administrators = FullControl
|
|
SYSTEM = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\CMOS.RAM]
|
|
BUILTIN\Users = R W
|
|
;Anonymous = R W
|
|
BUILTIN\Administrators = FullControl
|
|
SYSTEM = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\CONFIG.NT]
|
|
BUILTIN\Users = Read
|
|
;Anonymous = Read
|
|
BUILTIN\Administrators = FullControl
|
|
SYSTEM = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\MIDIMAP.CFG]
|
|
BUILTIN\Users = Read
|
|
;Anonymous = Read
|
|
BUILTIN\Administrators = FullControl
|
|
SYSTEM = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\CONFIG]
|
|
BUILTIN\Administrators = FullControl
|
|
BUILTIN\Users = List
|
|
;Anonymous = List
|
|
SYSTEM = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\CONFIG\*.*]
|
|
BUILTIN\Administrators = FullControl
|
|
SYSTEM = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\DRIVERS\!]
|
|
BUILTIN\Users = Read
|
|
;Anonymous = Read
|
|
BUILTIN\Administrators = FullControl
|
|
SYSTEM = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\RAS\!]
|
|
BUILTIN\Administrators = FullControl
|
|
SYSTEM = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\REPL\!]
|
|
BUILTIN\Administrators = FullControl
|
|
SYSTEM = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\SPOOL\!]
|
|
BUILTIN\Users = Read
|
|
;Anonymous = Read
|
|
BUILTIN\Administrators = FullControl
|
|
SYSTEM = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\WINS\!]
|
|
BUILTIN\Administrators = FullControl
|
|
SYSTEM = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\AT.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
;[%SystemRoot%\SYSTEM32\ACLCONV.EXE ]
|
|
;SYSTEM = FullControl
|
|
;BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\ARP.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\ATSVC.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\AUDITLOG.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\AUTOCHK.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\AUTOCONV.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
;[%SystemRoot%\SYSTEM32\AUTOSETP.EXE ]
|
|
;SYSTEM = FullControl
|
|
;BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\BOOTOK.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\BOOTVRFY.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\CACLS.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\CHKDSK.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\CONVERT.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\C2CONFIG.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\C2*.INF ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\C2*.DLL ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\CXNETDDE.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\DBGTRACE.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\DDESHARE.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\DISKPERF.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\EVENTVWR.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\EXE2BIN.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\FC.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\FINDSTR.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\FINGER.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\FORMAT.COM ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\FTP.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\IBROWSER.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
;[%SystemRoot%\SYSTEM32\INTRO.EXE ]
|
|
;SYSTEM = FullControl
|
|
;BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\IPCONFIG.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\IPXROUTE.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\KILL.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\LABEL.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\LLSMGR.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\LLSSRV.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\LMREPL.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\LOCATOR.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\LODCTR.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\LOGVIEW.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
;[%SystemRoot%\SYSTEM32\LPQ.EXE ]
|
|
;SYSTEM = FullControl
|
|
;BUILTIN\Administrators = FullControl
|
|
|
|
;[%SystemRoot%\SYSTEM32\LPR.EXE ]
|
|
;SYSTEM = FullControl
|
|
;BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\LSASS.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\MIGRATE.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\MPNOTIFY.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
;[%SystemRoot%\SYSTEM32\MUSRMGR.EXE ]
|
|
;SYSTEM = FullControl
|
|
;BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\NBTSTAT.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\NCADMIN.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\NDDEAGNT.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\NDDEAPIR.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\NET1.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\NETDDE.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\NTBACKUP.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\NTOSKRNL.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\NWCONV.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\NW2NT.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\NWSETUP.BAT ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\PAX.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\PENTNT.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\PERFMON.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
;[%SystemRoot%\SYSTEM32\PID.EXE ]
|
|
;SYSTEM = FullControl
|
|
;BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\PLICENSE.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\PORTUAS.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
;[%SystemRoot%\SYSTEM32\PSERVER.EXE ]
|
|
;SYSTEM = FullControl
|
|
;BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\PSXSS.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
;[%SystemRoot%\SYSTEM32\PVIEW.EXE ]
|
|
;SYSTEM = FullControl
|
|
;BUILTIN\Administrators = FullControl
|
|
|
|
;[%SystemRoot%\SYSTEM32\PVIEWER.EXE ]
|
|
;SYSTEM = FullControl
|
|
;BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\RASADMIN.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
;[%SystemRoot%\SYSTEM32\RASSRV.EXE ]
|
|
;SYSTEM = FullControl
|
|
;BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\RCP.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\REXEC.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\RSH.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\RDISK.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\RECOVER.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\REGINI.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\REGISTER.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\REGSVR32.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\RESET.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\ROUTE.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\RPCSS.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\RUNDLL32.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\RWINSTA.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\SAVEDUMP.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
;[%SystemRoot%\SYSTEM32\SCM.EXE ]
|
|
;SYSTEM = FullControl
|
|
;BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\SERVICES.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
;[%SystemRoot%\SYSTEM32\SETACL.EXE ]
|
|
;SYSTEM = FullControl
|
|
;BUILTIN\Administrators = FullControl
|
|
|
|
;[%SystemRoot%\SYSTEM32\SETBUILD.EXE ]
|
|
;SYSTEM = FullControl
|
|
;BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\SHADOW.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\SHUTDOWN.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\SRVMGR.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\TCPSVCS.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\TELNET.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\TFTP.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
;[%SystemRoot%\SYSTEM32\TOP.EXE ]
|
|
;SYSTEM = FullControl
|
|
;BUILTIN\Administrators = FullControl
|
|
|
|
;[%SystemRoot%\SYSTEM32\TPROGMAN.EXE ]
|
|
;SYSTEM = FullControl
|
|
;BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\TRACERT.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\UNLODCTR.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
;[%SystemRoot%\SYSTEM32\UPEDIT.EXE ]
|
|
;SYSTEM = FullControl
|
|
;BUILTIN\Administrators = FullControl
|
|
|
|
;[%SystemRoot%\SYSTEM32\UPGRADE.EXE ]
|
|
;SYSTEM = FullControl
|
|
;BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\UPS.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\USRMGR.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\WINDISK.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\WINMSD.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|
|
|
|
[%SystemRoot%\SYSTEM32\WOWDEB.EXE ]
|
|
SYSTEM = FullControl
|
|
BUILTIN\Administrators = FullControl
|