Two versions of Vista on same HD - Security Issue

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

Allo,

I have two different builds of Vista on the same drive, separate partitions.
I noticed that if I'm running one and want to access data on the other, I can
just navigate to that drive, and only run into a warning when I attempt to
access a user's private foulder. I can click the box and the warnign goes
away, giving me access to the user's files. Since I'm not the administrator
of that partition/user group shouldnt it block me? I dont have any encryption
set up yet, but I'd think since vista does this in it's own instance,
connecting to a different instance of vista should require you to be in the
same group/permissions set.
 
Hello,

The reason this is possible is due to the way Windows handles well-known
group permissions. The well know groups in Windows, such as Users,
Administrators, etc, are recognized on the permissions for the files/folder
regardless of what installation of Windows created the files/folder.

So, if you have a file that was created in one installation of Windows that
gave Administrators full control over it, then logged in to a DIFFERENT
installation of Windows as an administrator, you would have full control
over that file, even though it was created in a different installation of
Windows.

The same thing is happening in your case - you are accessing a file/folder
that you SPECIFICALLY do not have access to, but "Administrators" do - so
the system asks you if you want to invoke your administrator powers and give
yourself access to the folder.

You are correct in that this does pose a slight security risk - however, the
benefits far outweight the risks. If this did not work the way I described,
you would not be able to dual boot between instances of Windows effectively,
as you would be denied read AND write access to ALL files made from any
other instance of Windows.

Also, keep in mind that if one has physical access to the hard disk, one can
bypass any file-based security mechanism with the right tool - so the actual
security of the files of another installation of windows when another
operating system is running on that computer is pretty poor, regardless of
what permissions are in place.
 
Back
Top