Smart questions
Smart answers
Smart people
INTELLIGENT WORK FORUMS
FOR COMPUTER PROFESSIONALS

Member Login
Remember Me
Forgot Password?
Join Us!

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips now!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!
Join Tek-Tips
*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

LINK TO THIS FORUM!

Add Stickiness To Your Site By Linking To This Professionally Managed Technical Forum.
Just copy and paste the
code below into your site.

Tek-Tips LinkedIn® Group

Partner With Us!

"Best Of Breed" Forums Add Stickiness To Your Site
Partner Button
(Download This Button Today!)

Feedback

"...Keep up the good work - excellent site - i'd been looking for something like this for ages !..."
More...

Geography

Where in the world do Tek-Tips members come from?
Click Here To Find Out!

Tek-Tips Shirts!

Get Tek-Tips Swag
Get your
Tek-Tips Forums
SWAG here!
Home > Forums > MIS/IT > Operating Systems - Hardware Independent > Microsoft: Windows Server 2003 Forum

System account and NTFS permissions

thread931-1688445
Read More Threads Like This One
ehenschel (MIS)
17 Jul 12 10:35
This is a pretty basic question but I can't seem to find the right answer. Everything points to file and sharing permissions, NTFS permissions in general. I know how that all works.

My question is what is the purpose of the System account in NTFS permissions on folders and files? I realize that services use the system account to run. But if I have a server for file sharing and I have my share setup and group permissions on all my directories do I need system to be in there?

To me the less you want the better. Will this cause issues with the OS?
tootiredtocare (TechnicalUser)
19 Jul 12 17:50
I wouldn't remove the system account. There will be services and processes that need access and I doubt you'd want to grant them admin access to the server.

Simple examples I can think of are antivirus software or VSS if you use it. Both probably wouldn't run, or more precisely run properly, without the system account being in the folders
ehenschel (MIS)
19 Jul 12 18:00
I thought that also. So if you were to get infected wouldn't the simplest action by a hacker be to remove the system account permissions from a folder, copy the virus in and then run it from there now protected by the fact AV can't see it and clean it? I am assuming once it loaded into memory AV would catch it then but still couldn't remove it.

Again this all makes sense and I will leave it. My boss doesn't like vague answers as "because it needs to be there". He asked me to provide him with a reason for the system account being in the permissions. So I am just trying to get a more technical reasoning to be able to say this is why.

Anyway, I appreciate you responding. I was starting to think no one had an answer or wanted to take a shot.
Read More Threads Like This One

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members!

Back To Forum

Back To Microsoft: Windows Server 2003

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close