Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Access denied editing text files to root C drive

27 Apr 2013   #41
NoelDP

Microsoft Community Contributor Award Recipient

Win 7 x64 Home Premium (and x86 VirtualBox VM)/Win10
 
 

MS went to great lengths specifically to increase the security of the system by preventing non-admin access to root folders - it was never going to be a simple job to effectively remove that protection

As it is, you do appear to have a workaround.


My System SpecsSystem Spec
.
28 Apr 2013   #42
UsernameIssues

W7 Pro SP1 64bit
 
 

Quote   Quote: Originally Posted by morpheus305 View Post
~~~~
-I have notepad set to "Run as Administrator" on both windows 7 machines
-I can write to the root C: such as copying over a .exe file or something like that. The issue is editing a text file only.

I can edit a text file on the root C drive on a windows xp machine but not any windows 7 machines across network. I am guessing i must of missed some windows 7 permissions policy some where to enable this. Now i can edit a file on windows 7 machines if it's not on the root of the drive say C:\testfolder\testfile.txt
You probably need to figure out how to set things back to their default values. The only thing that you have to change from default is to create/set LocalAccountTokenFilterPolicy to 1 (as you eventually did).

I know that you have already done some of these steps - so just check them instead of redoing them.

Computer A = local
Computer B = remote

Disconnect any mapped drive letters that you might have between computers.
Open Credential Manager on both computer A and computer B.
On computer A, remove any reference that you see to computer B.
On computer B, remove any reference that you see to computer A.
Set LocalAccountTokenFilterPolicy to 1 on computer B.
Restart both computers see if this works:

While sitting at computer A
Map a drive letter to \\computer B\C$
(Or use a UNC type of connection.)
When asked for credentials, enter any admin account info that resides on computer B.
computer B\username
password

You should now be able to do whatever you want to a file on computer B; even if the file of interest is in the system root of computer B.

When computer A uses a connection to the admin share on computer B that type of connection acts like an elevated process. Computer B uses its own unelevated explorer.exe to allow the remote connection to SILENTLY create/edit/rename/delete/infect files in areas that normally require an elevated process to access. (Scary huh? A malware writer's dream connection.)

Files can be created locally on computer A then moved to computer B's root.

Files can be created directly in computer B's root via an unelevated process like computer A's explorer.
(via right-click > New > Text Document)

Files can be created directly in computer B's root via computer A's unelevated notepad.
(via File > Save as > navigate to computer B's root)

So, unelevated malware can do stuff to Computer B that is cannot do to computer A. But if computer B has an admin share connection to computer A, then it can use computer B to further infect computer A.


As you found out, you need an elevated process on computer B to edit a file that was created by computer A and placed directly into computer B's root. That is perfectly normal and desired. The same is true for a local file that is created in the root by an elevated process.

And just to repeat what was said in an earlier post:
You can create a file on computer B's desktop
Move it to computer B's root
And edit it without an elevated process (forgot to demo in the video).
But such a file is limited in what it can do from within the root or elsewhere.



My System SpecsSystem Spec
Reply

 Access denied editing text files to root C drive




Thread Tools Search this Thread
Search this Thread:

Advanced Search




Similar help and support threads
Thread Forum
Changing Setting Security on root folder returns 'access is denied'
Hi, Changing setting Security on root folder returns access is denied for some sub-folders. I have an external HHD assigned with 'G' driver letter under my Computer. I have removed 'everyone' from the 'Groups and user names' on the root folder by choosing 'security tab' from the property...
Backup and Restore
The root drive (C:\) is shared, nevertheless there is no access to sub
The root drive (C:\) is shared, nevertheless there is no access to subfolders, How come that the root drive (C:\) is shared but no access is permitted to a particular subfolder (attached)? How to force the sharing for the root and ALL the subfolders Thank you Best
Network & Sharing
Access denied when editing .ini files
All of a sudden when I'm trying to save an edited .ini file in a program folder (in C:\Program Files) I get blocked by an Access Denied message. First, on making the changes in the .ini using Notepad and then clicking File > Save, I get the "Save As" dialog instead. But even then when I click Save...
General Discussion
all my files are access denied
can anyone help me... all my files are access denied even im the admin. tnx!
General Discussion
.Log text files on root of "C" drive
After installing Nvidia drivers, Realtek drivers, and JMicron E-sata drivers, I now have .log text files on the root of my "C" drive. Are these accessed next time I update the driver or can I get rid of them? I can't seem to find anything about these. I know they are there for a reason but I like...
Installation & Setup
cant access root drive - lost admin rights
Hi; I installed Windows7 recently. I was changing permissions and accidently denied authenticated users to C drive. I was logged in as admin which is the only account. Now I cant access anythig in C Drive and cant execute any thing. I tried through safe mode as well but of no use. How can I...
System Security


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 05:50.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App