Possible Bug in Default NTFS Settings for infpub.dat

  • Thread starter Thread starter Will
  • Start date Start date
W

Will

Strangely enough, Microsoft has an explicit NTFS permission in Vista
Ultimate on the file:

c:\windows\inf\infpub.dat

The ACL looks wrong to my eye. They have SYSTEM and Users, but they
neglected to add in Administrators. Is there a reason they should not want
the Administrator user to have read / write on that file?
 
You are correct. That's very strange.

That leads us to the question of "how did you figure that out?"
 
Jesper said:
You are correct. That's very strange.

That leads us to the question of "how did you figure that out?"
Click to expand...

That one is easy: my eventviewer audit trail is overflowing with failure
messages showing the Administrator is being denied write access to that
file. :)

I even tried to manually add the Administrators group to the ACL, but
Microsoft in its infinite wisdom is overwriting the ACL periodically back to
the incorrect ACL.

I could stop auditing on that file, but was first hoping for a better
explanation of what the heck is going on there.
 
Jesper said:
You are correct. That's very strange.

That leads us to the question of "how did you figure that out?"
Click to expand...

By the way, do I get a free bonus software license for helping to find a
bug? :)
 
You'd have to ask MS about the free bonus software. Sorry, can't help you
there.

As for why it is being changed back, that must be because the file is being
written actively by some process that is also setting permissions. I don't
know why that would be as I don't know what the file is being used for. I did
ask someone I know at MS that may have a clue, but I don't know if he knows
either. There have been instances in the past where processes write ACLs for
some reason or another, not all of which are good.

That being said, unless this is interfering with operations, and even if it
is considered a bug, which is unclear, it is unlikely to get fixed, at least
prior to Windows 7. I obviously have nothing to do with that decision, but
I'm just setting expectations based on past experience.
 
Back
Top