The Creator Owner
Before leaving the subject of NTFS permissions, one last principle needs to be discussed: the Creator Owner. When a user creates a new file, whether by right clicking in a folder and choosing an item from the New menu item or by saving a document from Microsoft Word, the user is granted the Creator Owner flag against it. The Creator Owner property grants the user absolute control over the file, and goes as far as allowing them to deny the system administrator permission to access it. Although this may seem odd from a technical point of view, it makes sound business sense and is a critical measurement in the security standard certification that Microsoft aimed for. Although system administrators (quite legitimately) need control over the entire operating system and all files stored on the hard drive, some files need to be kept private to a single user a document containing financial and salary records, for example.
The power a user has to lock an administrator out of files and folders only extends so far, however. The administrator also has the power to seize ownership of an object, and become its Creator Owner. So what is the purpose of this electronic game of one-upmanship?
The logic behind this system is actually quite sensible. When a user creates a file, they become the Creator Owner, at which point they can prevent the administrator from accessing it. If an administrator tries causally to access the file, they will be denied. However if there is an emergency (for example, the user has left the company but left the permissions on critical documents locked up tight), the administrator can seize ownership and become the Creator Owner. To prevent rogue administrators from seizing control of and viewing supposedly protected documents, the Creator Owner is visible to anyone who wishes to check. In addition, administrators may only change the Creator Owner to themselves, which prevents the seizure of ownership and then assignment of that ownership to someone else, shifting the blame onto an innocent third party.
It is important to remember that whatever controls are available, the administrators still have ultimate power over the computer. An old security maxim states, A network is only as secure as the administrator is trustworthy if the administrator cannot be trusted to behave in a professional manner, they should not be in the role.
Home - Table Of Contents - Contact Us
CertiGuide to A+ (A+ 4 Real) (http://www.CertiGuide.com/apfr/) on CertiGuide.com
Version 1.0 - Version Date: March 29, 2005
Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version © Copyright 2005 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.