AnsweredAssumed Answered

Windows Share Enumeration (QID 90635) showing Writeable = Yes, when the Everyone group is denied access by NTFS permissions.

Question asked by Chris Goff on Jun 22, 2017
Latest reply on Jun 23, 2017 by Chris Goff

Problem: Windows Share Enumeration (QID 90635) showing Writeable = Yes, when the Everyone group is denied access by NTFS permissions.

 

Test System Settings

Share permissions set to Everyone Full Control

NTFS permissions have the Everyone group removed.

 

 

 

Verified it correctly denies Everyone by attempting to access the UNC from a non-privileged user. Turn on NTFS share permissions for Everyone and tested again with another user, they have complete access.

 

According to the text in the Threat section, writable means "The Writable column indicates whether all the files in each share are writable by Everyone (Yes/No)". So why the discrepancy with the report?

Outcomes