Here is a summary of all the info on the PRINTER$ share: A. Win95 does the same thing. B. The reason for the share is so that when other users on the LAN that connect to your printer they can get the device drivers for it. It happens automatically. C. Yes, it would have been better to put the printer drivers in a special directory for just that purpose and share it. D. It isn't world readable. It's readable from the LAN but not by default from the other side of a dial-up connection -- i.e. the Internet. (If you want to check that you're OK, go to ControlPanel\Network\Configuration\TCP-IP->DialupAdapter, select Properties, Bindings tab, make sure that "File and Printer sharing for Microsoft Networks" checkbox is unchecked.) E. WIN.INI, registry, and PWL files are not accessible via this share. They are in \windows, not \windows\system. F. More broadly, Windows puts no sensitive files in that directory, and I know of no application that puts anything in that directory (other than perhaps redistributable OS DLLs and device drivers); 99% of what's in there are system DLLs identical copies of which are available on 100 million or so CDROMs. Most of the rest are drivers for 3rd party devices. G. We have always been quite clear that Win95 and Win98 are not the systems to use if you are in a hostile security environment. We recommend Windows NT for those environments. Paul
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:21:32 PDT