a 2nd person can delete a file encrypted by the 1st in EFS,Why?

[Guest]

hello,

i had this question in my mind for quite some time...

If efs is built to deny access of an encrypted file to a 2nd person,then why
should he be given access to delete the same file??

I have tried this scenario where 2nd person was able to delete the file
encrypted by the 1st person...

efs is about securing ur info from others...whats its use if one can just
delete ur confidential info??

Please reply..

Thanks.

 

[Kerry Brown]

EFS is about hiding the contents of a file not restricting what can be done
with the actual file itself. That is accomplished by NTFS permissions.
Normally it makes sense to use a combination of physical security, file
access permissions and encryption to protect sensitive files.

 

[Guest]

Ok fine,so i should use the combination of file access permissions and EFS.

 

[Kerry Brown]

Yes.

If the contents of a file are sensitive enough to need encryption it is also
recommended to also think about physical security as well. This means
thinking about things like: Where do I store backup copies of the key to
decrypt the file. How and where do I store backups of the file. How likely
is is that the computer storing the file or backups may be stolen. If
someone has the computer and the key to decrypt the file is on the computer
then they can crack the encryption. There are many things to consider.

 

[Vanguard]

<snip - same multiposted message>

Learn to cross-post. Read:

http://www.cs.tut.fi/~jkorpela/usenet/xpost.html
http://en.wikipedia.org/wiki/Crossposting

Read the posts already over in your separate and disconnected post in
microsoft.public.windowsxp.general.