Windows Vista Forums

Vista - a 2nd person can delete a file encrypted by the 1st in EFS,Why?

 
Old 12-24-2006   #1 (permalink)
greyman


 
 

a 2nd person can delete a file encrypted by the 1st in EFS,Why?

Hello,

I had this question in my mind for quite some time...

If EFS is built to deny access of an encrypted file to a 2nd person, then why
should he be given access to delete the same file??

I have tried this scenario where 2nd person was able to delete the file
encrypted by the 1st person...

EFS is about securing your info from others...what's its use if one can just
delete your confidential info??

Please reply..

Thanks.



Old 12-24-2006   #2 (permalink)
Kerry Brown


 
 

Re: a 2nd person can delete a file encrypted by the 1st in EFS,Why?

EFS is about hiding the contents of a file not restricting what can be done
with the actual file itself. That is accomplished by NTFS permissions.
Normally it makes sense to use a combination of physical security, file
access permissions and encryption to protect sensitive files.

--
Kerry Brown
Microsoft MVP - Shell/User
www.vistahelp.ca/phpBB2


"greyman" <greyman@discussions.microsoft.com> wrote in message
news:5D260692-5B06-45D2-ABB4-772C62E08B79@microsoft.com...
> hello,
>
> i had this question in my mind for quite some time...
>
> If efs is built to deny access of an encrypted file to a 2nd person,then
> why
> should he be given access to delete the same file??
>
> I have tried this scenario where 2nd person was able to delete the file
> encrypted by the 1st person...
>
> efs is about securing ur info from others...whats its use if one can just
> delete ur confidential info??
>
> Please reply..
>
> Thanks.
>
>


Old 12-24-2006   #3 (permalink)
greyman


 
 

Re: a 2nd person can delete a file encrypted by the 1st in EFS,Why

Ok fine, so I should use the combination of file access permissions and EFS.

"Kerry Brown" wrote:

> EFS is about hiding the contents of a file not restricting what can be done
> with the actual file itself. That is accomplished by NTFS permissions.
> Normally it makes sense to use a combination of physical security, file
> access permissions and encryption to protect sensitive files.
>
> --
> Kerry Brown
> Microsoft MVP - Shell/User
> www.vistahelp.ca/phpBB2
>
>
> "greyman" <greyman@discussions.microsoft.com> wrote in message
> news:5D260692-5B06-45D2-ABB4-772C62E08B79@microsoft.com...
> > hello,
> >
> > i had this question in my mind for quite some time...
> >
> > If efs is built to deny access of an encrypted file to a 2nd person,then
> > why
> > should he be given access to delete the same file??
> >
> > I have tried this scenario where 2nd person was able to delete the file
> > encrypted by the 1st person...
> >
> > efs is about securing ur info from others...whats its use if one can just
> > delete ur confidential info??
> >
> > Please reply..
> >
> > Thanks.
> >
> >

>
>

Old 12-24-2006   #4 (permalink)
Kerry Brown


 
 

Re: a 2nd person can delete a file encrypted by the 1st in EFS,Why

Yes.

If the contents of a file are sensitive enough to need encryption it is also
recommended to also think about physical security as well. This means
thinking about things like: Where do I store backup copies of the key to
decrypt the file. How and where do I store backups of the file. How likely
is it that the computer storing the file or backups may be stolen. If
someone has the computer and the key to decrypt the file is on the computer
then they can crack the encryption. There are many things to consider.

--
Kerry Brown
Microsoft MVP - Shell/User
www.vistahelp.ca/phpBB2


"greyman" <greyman@discussions.microsoft.com> wrote in message
news:60E62B78-C899-4780-9B2F-4C853ABF8C7F@microsoft.com...
> Ok fine,so i should use the combination of file access permissions and
> EFS.
>
> "Kerry Brown" wrote:
>
>> EFS is about hiding the contents of a file not restricting what can be
>> done
>> with the actual file itself. That is accomplished by NTFS permissions.
>> Normally it makes sense to use a combination of physical security, file
>> access permissions and encryption to protect sensitive files.
>>
>> --
>> Kerry Brown
>> Microsoft MVP - Shell/User
>> www.vistahelp.ca/phpBB2
>>
>>
>> "greyman" <greyman@discussions.microsoft.com> wrote in message
>> news:5D260692-5B06-45D2-ABB4-772C62E08B79@microsoft.com...
>> > hello,
>> >
>> > i had this question in my mind for quite some time...
>> >
>> > If efs is built to deny access of an encrypted file to a 2nd
>> > person,then
>> > why
>> > should he be given access to delete the same file??
>> >
>> > I have tried this scenario where 2nd person was able to delete the file
>> > encrypted by the 1st person...
>> >
>> > efs is about securing ur info from others...whats its use if one can
>> > just
>> > delete ur confidential info??
>> >
>> > Please reply..
>> >
>> > Thanks.
>> >
>> >

>>
>>


Old 12-24-2006   #5 (permalink)
Vanguard


 
 

Re: a 2nd person can delete a file encrypted by the 1st in EFS,Why?

"greyman" <greyman@discussions.microsoft.com> wrote in message
news:5D260692-5B06-45D2-ABB4-772C62E08B79@microsoft.com...

<snip - same multiposted message>

Learn to cross-post. Read:

http://www.cs.tut.fi/~jkorpela/usenet/xpost.html
http://en.wikipedia.org/wiki/Crossposting

Read the posts already over in your separate and disconnected post in
microsoft.public.windowsxp.general.

Old 12-26-2006   #6 (permalink)


 
 

Quote: Originally Posted by Kerry Brown
> If someone has the computer and the key to decrypt the file is on the computer
> then they can crack the encryption. There are many things to consider.

Well - if they do not have the password (and it is XP+) even if you have the files/hard drive - you still can't decrypt the files.


The best example is this:
User B (non - admin) encrypts a file.
User A is the administrator but not the recovery agent.

Then, User A can delete/ copy the file but not have access to the contents.

Nik
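
Added example, not part of the original thread: the split described in the answers above (EFS governs who can read the contents, NTFS permissions govern who can delete the file) can be audited with PowerShell. The function name `Get-EfsDeleteExposure` and the sample path are hypothetical, and PowerShell 3.0 or later is assumed.

```powershell
# Added example: list the accounts whose NTFS permissions allow deleting a file,
# alongside the file's EFS state. Expects a file path, not a directory.
function Get-EfsDeleteExposure {
    param([Parameter(Mandatory)][string]$Path)

    $item = Get-Item -LiteralPath $Path -Force

    # EFS state is just a file attribute; it says nothing about who may delete.
    $encrypted = [bool]($item.Attributes -band [IO.FileAttributes]::Encrypted)

    $delete      = [Security.AccessControl.FileSystemRights]::Delete
    $deleteChild = [Security.AccessControl.FileSystemRights]::DeleteSubdirectoriesAndFiles

    # Either Delete on the file itself or "delete child" on its parent folder
    # is enough to remove the file, whether or not the caller can decrypt it.
    $targets = @(
        @{ Path = $item.FullName;      Right = $delete;      Source = 'File: Delete' }
        @{ Path = $item.DirectoryName; Right = $deleteChild; Source = 'Parent: Delete child' }
    )

    foreach ($t in $targets) {
        $acl = Get-Acl -LiteralPath $t.Path
        foreach ($ace in $acl.Access) {
            if ($ace.AccessControlType -ne 'Allow') { continue }
            if (($ace.FileSystemRights -band $t.Right) -ne $t.Right) { continue }
            [pscustomobject]@{
                File      = $item.FullName
                Encrypted = $encrypted
                Identity  = $ace.IdentityReference.Value
                GrantedBy = $t.Source
                Inherited = $ace.IsInherited
            }
        }
    }
}

# Constructed sample path; replace with a real EFS-encrypted file.
Get-EfsDeleteExposure -Path 'C:\Data\confidential.docx' | Format-Table -AutoSize
```

Only Allow entries are listed; Deny entries, group membership, an administrator's ability to take ownership, and ACEs stored as generic rights are not evaluated. Any identity in the output other than the file's owner is an account that can delete the encrypted file without being able to read it.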