G
giantcrazy
Hi all-
Does anyone know if there's a way to limit where a user can write to
in XP? Preferably without add-on software, but if commercial access
control software is required, recommendations are helpful.
Without getting into the long and short of it - I have some machines
that are going to be shared, all amongst authorized users. I'd rather
that the users don't see each other's data (which, just using NTFS
permissions would be sufficient if the users behaved properly), so I'd
like to do two things - one, keep all writes (except for operating
system patches/updates/caches/etc.) off the C: drive and into a
designated area (think sandbox, but not quite). Two, I'm going to
devise a set of scripts that would run at logon and logoff, to cleanse
this area to ensure that no data from the prior user has been left
behind.
Anyone know if what I'm suggesting is feasible/doable? I've never
tried to keep a user completely off C: before, and the research I've
done thus far indicates it's not possible. It is very similar to most
Citrix deployments, where a thin-client user would be given a C:\
that's read-only (to them at least).
Any advice is greatly appreciated!
-GC
Does anyone know if there's a way to limit where a user can write to
in XP? Preferably without add-on software, but if commercial access
control software is required, recommendations are helpful.
Without getting into the long and short of it - I have some machines
that are going to be shared, all amongst authorized users. I'd rather
that the users don't see each other's data (which, just using NTFS
permissions would be sufficient if the users behaved properly), so I'd
like to do two things - one, keep all writes (except for operating
system patches/updates/caches/etc.) off the C: drive and into a
designated area (think sandbox, but not quite). Two, I'm going to
devise a set of scripts that would run at logon and logoff, to cleanse
this area to ensure that no data from the prior user has been left
behind.
Anyone know if what I'm suggesting is feasible/doable? I've never
tried to keep a user completely off C: before, and the research I've
done thus far indicates it's not possible. It is very similar to most
Citrix deployments, where a thin-client user would be given a C:\
that's read-only (to them at least).
Any advice is greatly appreciated!
-GC