Project 7-4
Top: Shows that the administrator have activate DAC for common users.
Discretionary Access Control to share file can be dangerous. Discretionary Access Control model is also known as the least restrictive way of implementing. user has total control over any object that he or she owns, along with the other program that are associated with those files.
Discretionary Access Control is often targeted by attackers, due to high-level privileges for end-user. In this practical i am going to use my Window 2008 to give permission to an end-user.
Discretionary Access Control has two significant weakness:
- It gives freedom to the user and may poses security risks as it relies on the end-user subject to set the proper level of security.
- User permission will be "inherited" by any program that the user executes.
How to create Discretionary Access Control in Window Vista/2003/2008:
- Create a new file
- Go to the file properties, then security tab
- Deny "read" for the administrator
- Go to file sharing, and choose the user who is allowed to enter it
- DAC permission have been granted to another user
P1062344 posted during Saturday, July 17, 2010 at 10:20 PM
![[Powered by Blogger]](http://buttons.blogger.com/bloggerbutton1.gif){kind=small}