Discussion: If WinPE can override NTFS permissions, why even bother with NTFS permissions?

Last post 01-25-2010 5:55 PM by securityguy. 1 replies.

Page 1 of 1 (2 items)
	Sort Posts: Previous Next

01-04-2010 2:34 PM

jpaloma
Joined on 07-09-2004
Singapore
Posts 2,574
Points 26,598

Discussion: If WinPE can override NTFS permissions, why even bother with NTFS permissions?

Reply Contact

For those deploying Windows 7 using Windows Automated Installation Kit, you may have already noticed that Windows Preinstallation Environment (WinPE) overrides permissions we set in NTFS. This is especially manifesting itself in a PC refresh scenario where you can use Hard Link Migration in USMT to migrate files/folders and settings, but you were not prompted for any administrative credentials during WinPE bootup.

Ergo, one can just boot from WinPE and lo and behold, all the files are available at one's disposal.

With this in mind, how do we emphasize on local PC security? Bitlocker would solve this, however BL is only available in Enterprise and Ultimate. Most desktops out there would not have these Windows 7 editions.

No right or wrong answer ... just discussion.

Jay Paloma

01-25-2010 5:55 PM In reply to

securityguy
Joined on 01-12-2009
Posts 31
Points 408

Re: Discussion: If WinPE can override NTFS permissions, why even bother with NTFS permissions?

Reply Contact

Sir im kinda newbie and interested on what you have posted, just have a few questions to clarify my understanding.

1) PC refresh scenario: does this mean a fresh installation or wipe and load scenario?

2) With Hard Link migration? This means the migration is happening on the same computer right?

Page 1 of 1 (2 items)

Microsoft Philippines Community