Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computer Certification > MCSA > Nested Shares - Security Implications

Thread Tools

Nested Shares - Security Implications

Posts: n/a

Assuming I have the following directorty structure:


I share X:\ and use NTFS permission to allow access to
sub1 across my network.

However, I wish to share sub2 and not grant access to all
who have acces to sub1 (inheritance) BUT also give access
to some users who do not have access to sub1.

I can think of two ways to do this:

1) Grant 'List and Traverse' NTFS permissions to those
users who need access to sub2 so allow them to get through
sub1. Grant these users appropratie permissions (RWXD) to

Block inheritance on sub2 (maybe deny permissions to users
of sub1?).


2) Remove all permissions on sub2.

Create a separate network share on the sub2 folder (DFS??).

Grant permissions to users to access the sub2 share.

My question is about the security implications of the
network for each of these solutions ie is the the second
solution secure (I'm under the impression nesting shares
is not a good idea from a network security standpoint) or
does it create a possible security hole?

Solution one will however allow users to look at the
contents of sub1 (though not do anything to them) - though
may be more time consuming to set up and manage due to the
complexity of permissions....

Or is there another solution that I haven't thought of?

Thanks in advance,

Reply With Quote

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Security implications of using open() on untrusted strings. r0g Python 11 11-26-2008 02:00 PM
Nested user controls and performance implications ASP .Net 2 11-11-2006 12:31 AM
Nested threading? implications to timeout() Geff Geff Ruby 20 09-19-2006 06:48 AM
What are the Security Implications of Pay Per Mail Computer Security 7 02-07-2006 07:53 PM
Network/Security issue with $ shares =?Utf-8?B?RGV2aQ==?= Wireless Networking 5 12-07-2005 06:36 PM