Access denied editing text files to root C drive

Page 5 of 5 FirstFirst ... 345

  1. NoelDP
    Posts : 21,482
    Win 7 x64 Home Premium (and x86 VirtualBox VM)/Win10
       New #41

    MS went to great lengths specifically to increase the security of the system by preventing non-admin access to root folders - it was never going to be a simple job to effectively remove that protection :)

    As it is, you do appear to have a workaround.
      My Computer
    Quote Quote

  3. UsernameIssues
    Posts : 10,485
    W7 Pro SP1 64bit
       New #42

    morpheus305 said:
    ~~~~
    -I have notepad set to "Run as Administrator" on both windows 7 machines
    -I can write to the root C: such as copying over a .exe file or something like that. The issue is editing a text file only.

    I can edit a text file on the root C drive on a windows xp machine but not any windows 7 machines across network. I am guessing i must of missed some windows 7 permissions policy some where to enable this. Now i can edit a file on windows 7 machines if it's not on the root of the drive say C:\testfolder\testfile.txt
    You probably need to figure out how to set things back to their default values. The only thing that you have to change from default is to create/set LocalAccountTokenFilterPolicy to 1 (as you eventually did).

    I know that you have already done some of these steps - so just check them instead of redoing them.

    Computer A = local
    Computer B = remote

    Disconnect any mapped drive letters that you might have between computers.
    Open Credential Manager on both computer A and computer B.
    On computer A, remove any reference that you see to computer B.
    On computer B, remove any reference that you see to computer A.
    Set LocalAccountTokenFilterPolicy to 1 on computer B.
    Restart both computers see if this works:

    While sitting at computer A
    Map a drive letter to \\computer B\C$
    (Or use a UNC type of connection.)
    When asked for credentials, enter any admin account info that resides on computer B.
    computer B\username
    password

    You should now be able to do whatever you want to a file on computer B; even if the file of interest is in the system root of computer B.

    When computer A uses a connection to the admin share on computer B that type of connection acts like an elevated process. Computer B uses its own unelevated explorer.exe to allow the remote connection to SILENTLY create/edit/rename/delete/infect files in areas that normally require an elevated process to access. (Scary huh? A malware writer's dream connection.)

    Files can be created locally on computer A then moved to computer B's root.

    Files can be created directly in computer B's root via an unelevated process like computer A's explorer.
    (via right-click > New > Text Document)

    Files can be created directly in computer B's root via computer A's unelevated notepad.
    (via File > Save as > navigate to computer B's root)

    So, unelevated malware can do stuff to Computer B that is cannot do to computer A. But if computer B has an admin share connection to computer A, then it can use computer B to further infect computer A.


    As you found out, you need an elevated process on computer B to edit a file that was created by computer A and placed directly into computer B's root. That is perfectly normal and desired. The same is true for a local file that is created in the root by an elevated process.

    And just to repeat what was said in an earlier post:
    You can create a file on computer B's desktop
    Move it to computer B's root
    And edit it without an elevated process (forgot to demo in the video).
    But such a file is limited in what it can do from within the root or elsewhere.



      My Computer
    Quote Quote

 
Page 5 of 5 FirstFirst ... 345

  Related Discussions
Hi, Changing setting Security on root folder returns access is denied for some sub-folders. I have an external HHD assigned with 'G' driver letter under my Computer. I have removed 'everyone' from the 'Groups and user names' on the root folder by choosing 'security tab' from the property...
The root drive (C:\) is shared, nevertheless there is no access to subfolders, How come that the root drive (C:\) is shared but no access is permitted to a particular subfolder (attached)? How to force the sharing for the root and ALL the subfolders Thank you Best
All of a sudden when I'm trying to save an edited .ini file in a program folder (in C:\Program Files) I get blocked by an Access Denied message. First, on making the changes in the .ini using Notepad and then clicking File > Save, I get the "Save As" dialog instead. But even then when I click Save...
.Log text files on root of "C" drive
in Installation & Setup

After installing Nvidia drivers, Realtek drivers, and JMicron E-sata drivers, I now have .log text files on the root of my "C" drive. Are these accessed next time I update the driver or can I get rid of them? I can't seem to find anything about these. I know they are there for a reason but I like...
Hi; I installed Windows7 recently. I was changing permissions and accidently denied authenticated users to C drive. I was logged in as admin which is the only account. Now I cant access anythig in C Drive and cant execute any thing. I tried through safe mode as well but of no use. How can I...
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

 © Designer Media Ltd
All times are GMT -5. The time now is 20:47.
Find Us