Everyone Group and Full Control access

Hi,

I'm trying to find out whether it is necessary to change the existing
Windows 2000 security for the Everyone group which has 'Full Control' on the
following folder:
c:\winnt\system32\inetsrv\data

When I view the security for c:\winnt, it shows that Everyone does not have
allowable access to c:\winnt . When I view the security for the system32
folder, it shows that Everyone does not have allowable access to the system32
folder. When I view the security for the inetsrv folder, Everyone doesn't
even show up in the group list. Last, when I view the security for the data
folder, Everyone has 'Full Control' on this folder. Given all of the above,
would the Everyone group in actuality have 'Full Control' of the data folder
although Everyone does not have access to the upper level folders?

One more question, does anybody know if IIS via the Everyone group can
handle a read permission on the aforementioned data folder or is more access
required?

Any assistance would be appreciated in this matter. Thanks in advance.

Re: Everyone Group and Full Control access

--
My IIS Blog: www.adOpenStatic.com/cs/blogs/ken
"MiddEware" wrote in message
news:D155365E-B3CF-42E8-AD7A-E43562356B49@microsoft.com...
> Hi,
>
> I'm trying to find out whether it is necessary to change the existing
> Windows 2000 security for the Everyone group which has 'Full Control' on
> the
> following folder:
> c:\winnt\system32\inetsrv\data
>
> When I view the security for c:\winnt, it shows that Everyone does not
> have
> allowable access to c:\winnt . When I view the security for the system32
> folder, it shows that Everyone does not have allowable access to the
> system32
> folder. When I view the security for the inetsrv folder, Everyone doesn't
> even show up in the group list. Last, when I view the security for the
> data
> folder, Everyone has 'Full Control' on this folder. Given all of the
> above,
> would the Everyone group in actuality have 'Full Control' of the data
> folder
> although Everyone does not have access to the upper level folders?

Correct - if the Everyone group has the "Bypass Traverse Checking" NT user
right.

Cheers
Ken

> One more question, does anybody know if IIS via the Everyone group can
> handle a read permission on the aforementioned data folder or is more
> access
> required?
>
> Any assistance would be appreciated in this matter. Thanks in advance.

Re: Everyone Group and Full Control access

Hi Ken,

Thanks for your quick response and for the answer to my question. In this
particular case, Everyone does have Traversing privileges, and as such, we'll
have to revise it's access to the data folder accordingly. Thanks again.

MiddEware