[prev in list] [next in list] [prev in thread] [next in thread] 

List:       bugtraq
Subject:    Re: TrendMicro InterScan VirusWall shared folder problem
From:       "Michael W. Shaffer" <shaffer () LABS ! AGILENT ! COM>
Date:       2000-11-29 20:27:08
[Download RAW message or body]

On Wed, 29 Nov 2000, Paladino, Scott wrote:

> I concur with your findings. We are working with Trend as well. It seems to
> us that the System account might need this level of access, and the active
> update feature would need permissions as needed with a specific ID.
> Otherwise, we do not see the need for that access level.
> We are not using the SMTP product - we are using the MAPI product.
>
> Regards,
> Scott Paladino

Our Exchange administrator (Fintan) also reminded me that this
adjustment is presumably to allow the management console application
used for updating multiple ISVW servers to function. My analysis so
far is that the update process of the management console is just
overwriting the executable and pattern files through normal access
to the file share. For this to be possible, only the effective user
id of the management console process needs access to this share. If
a domain administrator normally runs the management application, then
it would seem that 'Administrators - Full Control' would suffice for
this. Although we do not use the management console at our site, our
corporate level IT messaging team does, and I think that Fintan said
they have no problems with 'Admin - Full Control'.

--
Michael W. Shaffer                     email: shaffer@labs.agilent.com
Research Computing Services            phone: +1 650.485.2955
Agilent Laboratories, Palo Alto        fax:   +1 650.485.5568

[prev in list] [next in list] [prev in thread] [next in thread]