Folder and file permissions
- Thread starter Vincenzo
- Start date
Hello Vincenzo,
The problem is that even if you restrict access to all users but the owner, the other administrators could still just change the permissions using their own credentials if they like.
One option would be to use EFS to encrypt the folder so that no other user would be able to open the folder. If you use this option, then be sure to backup the EFS certificate afterwards.
Hope this helps,
Shawn
The problem is that even if you restrict access to all users but the owner, the other administrators could still just change the permissions using their own credentials if they like.
One option would be to use EFS to encrypt the folder so that no other user would be able to open the folder. If you use this option, then be sure to backup the EFS certificate afterwards.
Hope this helps,
Shawn
My Computer
- Computer type
- PC/Desktop
- Computer Manufacturer/Model Number
- Self built custom
- OS
- 64-bit Windows 11 Pro for Workstations
- CPU
- Intel i7-8700K OC'd to 5 GHz
- Motherboard
- ASUS ROG Maximus XI Formula Z390
- Memory
- 64 GB (4x16GB) G.SKILL TridentZ RGB DDR4 3600 MHz
- Graphics Card(s)
- ASUS ROG-STRIX-GTX1080TI-O11G-GAMING
- Sound Card
- Integrated
- Monitor(s) Displays
- 2 x Samsung Odyssey G7 27"
- Screen Resolution
- 2560x1440
- Hard Drives
- 1TB Samsung 990 PRO M.2,
4TB Samsung 990 PRO PRO M.2,
TerraMaster F8 SSD Plus NAS
- PSU
- Seasonic Prime Titanium 850W
- Case
- Thermaltake Core P3
- Cooling
- Corsair Hydro H115i
- Keyboard
- Logitech wireless K800
- Mouse
- Logitech MX Master 4
- Internet Speed
- 2 Gb/s Download and 100 Mb/s Upload
- Antivirus
- Malwarebyte Anti-Malware Premium
- Browser
- Google Chrome
- Other Info
- Logitech Z625 speaker system,
Logitech BRIO 4K Pro webcam,
HP Color LaserJet Pro MFP M477fdn,
APC SMART-UPS RT 1000 XL - SURT1000XLI,
Galaxy S23 Plus phone
My goal is to make a folder inaccessible to the user account that is used for everyday computing, as protection in case the Cryptolocker virus infects it. (I plan to have an extra backup run to that folder everyday, in addition to my regular backups.)
I plan to create an admin account that is only there because the backups will be run from it.
So I am not concerned about a user changing permissions, I don't believe the virus can do that, at least not yet.
Thanks
I plan to create an admin account that is only there because the backups will be run from it.
So I am not concerned about a user changing permissions, I don't believe the virus can do that, at least not yet.
Thanks
My Computer
- OS
- Windows 7 Professional x64
If the folder is in a user folder of the administrator account, then standard user accounts will not be able to access it by default.
When it comes to that Trojan virus, it could lock out any file, folder, or the whole PC, so it wouldn't matter if the folder was protected or not.
When it comes to that Trojan virus, it could lock out any file, folder, or the whole PC, so it wouldn't matter if the folder was protected or not.
My Computer
- Computer type
- PC/Desktop
- Computer Manufacturer/Model Number
- Self built custom
- OS
- 64-bit Windows 11 Pro for Workstations
- CPU
- Intel i7-8700K OC'd to 5 GHz
- Motherboard
- ASUS ROG Maximus XI Formula Z390
- Memory
- 64 GB (4x16GB) G.SKILL TridentZ RGB DDR4 3600 MHz
- Graphics Card(s)
- ASUS ROG-STRIX-GTX1080TI-O11G-GAMING
- Sound Card
- Integrated
- Monitor(s) Displays
- 2 x Samsung Odyssey G7 27"
- Screen Resolution
- 2560x1440
- Hard Drives
- 1TB Samsung 990 PRO M.2,
4TB Samsung 990 PRO PRO M.2,
TerraMaster F8 SSD Plus NAS
- PSU
- Seasonic Prime Titanium 850W
- Case
- Thermaltake Core P3
- Cooling
- Corsair Hydro H115i
- Keyboard
- Logitech wireless K800
- Mouse
- Logitech MX Master 4
- Internet Speed
- 2 Gb/s Download and 100 Mb/s Upload
- Antivirus
- Malwarebyte Anti-Malware Premium
- Browser
- Google Chrome
- Other Info
- Logitech Z625 speaker system,
Logitech BRIO 4K Pro webcam,
HP Color LaserJet Pro MFP M477fdn,
APC SMART-UPS RT 1000 XL - SURT1000XLI,
Galaxy S23 Plus phone
From the reading I've done, I've gotten the impression that CryptoLocker can only encrypt files on drives that are visible and accessible from the user account that was in use when the computer was infected. So it seems like a folder that has permissions blocking access by the everyday user account would not get encrypted. As least that is my working theory right now.
My Computer
- OS
- Windows 7 Professional x64
Deny Access everyone who is listed in security tab and no one can open this folder. if you want like this of course. I don't know other ways.
My Computer
- Computer type
- PC/Desktop
- Computer Manufacturer/Model Number
- Asus
- OS
- Windows 7 Home Premium x86
- Browser
- Safari
