At 01:58 PM 8/14/99 -0700, x-empt [ lvhc / lou ] wrote: >While testing IIS security, I was able to locate an old flaw which is >still present in many server services on Win32. The problem deals >with a compatibility issue with the old Win16/DOS file naming system >known as the 8.3 naming system. <snip> One well-known workaround for this issue that will take care of this problem, regardless of the server software, is to disable 8.3 filenames. If you open the following registry key: HKEY_LOCAL_MACHINE\System \CurrentControlSet \Control \FileSystem And create a value named NtfsDisable8dot3NameCreation, type REG_DWORD, and set it to 1, then the operating system will not create 8.3 filenames (I think you'd have to reboot for it to take effect). Note that this isn't retroactive, so you'd need to move any trees you want updated, and then move them back. This is something that should be on anyone's checklist when setting up a web or FTP server prior to putting content on that server. BTW, setting this value also gets you a modest improvement in file system performance. It will also break 16-bit apps, but hopefully you're not running any antique applications on your server. As always, test this sort of change thoroughly before putting it into production. Oh - and obviously this only works if you're using NTFS. David LeBlanc dleblancat_private
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:56:29 PDT