+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 23
Office Software Thread, pupils able to access c drive via word 2000 web toolbar in Technical; Hi we have a major issue where pupils are able to access the c drive even though we have group ...
  1. #1
    projector1's Avatar
    Join Date
    Nov 2005
    Posts
    460
    Thank Post
    70
    Thanked 1 Time in 1 Post
    Rep Power
    18

    pupils able to access c drive via word 2000 web toolbar

    Hi we have a major issue where pupils are able to access the c drive even though we have group policies in place to restrict access to the c drive. What they do is enable web toolbar in word and then in the bar type in a command that allows them to access utils like command.com What i have also noticed is that they have found a way around the security and are able to install games to the c drive. I think they are able to install these game via command.com
    all our pcs are xp pro

  2. #2

    Join Date
    Jul 2005
    Location
    Derby
    Posts
    118
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    26

    Re: pupils able to access c drive via word 2000 web toolbar

    I think viewing the C: drive is quite useful for users. However, the only place they need to be able to write to is the c:\documents and settings\<username>

    (There are a few exceptions such as c:\windows\temp and the help folder)

    You can set these permissions in group policy. Basically propagate SYSTEM:F and ADMINISTRATOR:F, EVERYONE:R and then add the items listed above as EVERYONE:C.

    Nail that Jelly to the ceiling!

    -Kev

  3. #3

    Ric_'s Avatar
    Join Date
    Jun 2005
    Location
    London
    Posts
    7,596
    Thank Post
    109
    Thanked 764 Times in 595 Posts
    Rep Power
    181

    Re: pupils able to access c drive via word 2000 web toolbar

    If it gets out of hand, ditch Office until you can find the relevant settings to fix it - StarOffice and OpenOffice both come as MSIs so can be easily deployed using a GPO.

    You could also use software restriction to stop the little darlings running cmd.exe

  4. #4

    Dos_Box's Avatar
    Join Date
    Jun 2005
    Location
    Preston, Lancashire
    Posts
    10,400
    Thank Post
    602
    Thanked 2,171 Times in 994 Posts
    Blog Entries
    23
    Rep Power
    630

    Re: pupils able to access c drive via word 2000 web toolbar

    The Office ADM templates allow you to lock this down. Another favorite of the little darlings is to use the 'Get clipart online' option if they have been denied access to the internet. The system, not the user then opens IE and authenticates web access. Clever. ADM templates fix this too.

  5. #5
    altecsole's Avatar
    Join Date
    Jun 2005
    Location
    Morecambe, Lancashire, UK.
    Posts
    281
    Thank Post
    39
    Thanked 36 Times in 26 Posts
    Rep Power
    25

    Re: pupils able to access c drive via word 2000 web toolbar

    Quote Originally Posted by kevinmcaleer
    <snip>

    You can set these permissions in group policy. Basically propagate SYSTEM:F and ADMINISTRATOR:F, EVERYONE:R and then add the items listed above as EVERYONE:C.

    <snip>

    -Kev
    I've never noticed this in GP before. Where and how do you do this? Thanks.

  6. #6

    Join Date
    Nov 2005
    Posts
    43
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    Re: pupils able to access c drive via word 2000 web toolbar

    There are many flaws in GP's and ways to bypass them. Looking in the logs i can see all sorts of very hand methods to bypass GP security; the pupils are very annoying. Anyway, the answer is to either ditch office like someone mentioned, or get another security tool, see wicky for details on apps for this purpose.

    website: Security tools on the wicky!


    Some of these are likely to help.

  7. #7
    projector1's Avatar
    Join Date
    Nov 2005
    Posts
    460
    Thank Post
    70
    Thanked 1 Time in 1 Post
    Rep Power
    18

    Re: pupils able to access c drive via word 2000 web toolbar

    thanks for the range of selections folks.
    i did find this site this morning
    http://www.addbalance.com/word/webtoolbar.htm
    i am hoping to test it on a few client pc's next week.
    jonny_valentine you mentioned that there are many flaws in GP's and way to bypass them. Do you know of any utilities or sites that expand on this?

  8. #8

    Join Date
    Jul 2005
    Location
    Derby
    Posts
    118
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    26

    Re: pupils able to access c drive via word 2000 web toolbar

    Quote Originally Posted by altecsole
    I've never noticed this in GP before. Where and how do you do this? Thanks.
    In the computers configuration, Windows Settings, Security Settings and then file System, Just add the files you want to protect or unprotect.

    for the full official article see:
    http://www.microsoft.com/technet/pro...c888be525.mspx

    Pupils can't get round file permissions, once they are set, they are set. Registry settings can also be protected with permissions, thus preventing entries from being changed.

    you really can lock down workstations with this, if you implement the correct settings.

    -Kev

  9. #9

    Join Date
    Nov 2005
    Posts
    43
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    Re: pupils able to access c drive via word 2000 web toolbar

    projector1: I dont know off hand of any websites that go through all the flaws in GPO's, i could post some impero logs of a few pupils' computer activity showing step by step, how they bypass certain policies, but someone would probably moan saying im advertising.

    One quick simple hak (i thought was an old & obvious one) that you all may wanna try is, goto m$ word, write something, right click and add hyperlink, type c: and click ok. Then follow the link in word to the c: drive. There may be a policy to stop this but from the ones ive got in place at one school, you wouldnt think the above could be done, since the c: drive is hidden and so on, but it does work.

    The wiki had links on to software that can stop this kind of thing, but someone called mark, kindly removed the links because it was on there twice, once under internet security/monitoring and once under desktop security.. this is obviously not allowed even though the software does cover both.. :?

  10. #10

    russdev's Avatar
    Join Date
    Jun 2005
    Location
    Leicestershire
    Posts
    6,924
    Thank Post
    709
    Thanked 551 Times in 366 Posts
    Blog Entries
    3
    Rep Power
    204

    Re: pupils able to access c drive via word 2000 web toolbar

    Quote Originally Posted by jonny_valentine
    projector1: ..... i could post some impero logs of a few pupils' computer activity showing step by step, how they bypass certain policies, but someone would probably moan saying im advertising.
    uncalled for jonny....

    The wiki had links on to software that can stop this kind of thing, but someone called mark, kindly removed the links because it was on there twice, once under internet security/monitoring and once under desktop security.. this is obviously not allowed even though the software does cover both.. :?
    also i have sorted that out if check your pm or read top of the wiki page you will see what i have done.

    hope that is sorted

    Russ

  11. #11
    mark's Avatar
    Join Date
    Jun 2005
    Posts
    3,966
    Thank Post
    248
    Thanked 49 Times in 45 Posts
    Blog Entries
    2
    Rep Power
    46

    Re: pupils able to access c drive via word 2000 web toolbar

    I editid the wiki page because Johnny entered his company 4 times when 1 entry would have been enough. And indeed answered the question just as well with just the one link as it did with many.

    All the other main software suites at the top of the wiki also do other things, but were not linked to in every section of the page.

    The blurb entered by johhny about his software was not factual but pure salesmanship.

    Johnny is being entirely antagonistic towards me in his posting for what reason?

    I object to your wiki revision Russ. If your going to mention Johnny's software so many times, and remember we don't have a genuine review of the software as we have there of the others, just Johnny's sales blurb, you MUST give equal weight to everything else. The wiki page is supposed to be about Ranger remember. It seems to me that you are making exceptions because of his bullying tactics.

    I wanted to keep this private and did pm Dos_Box about it. But now it's public I had to explain myself.

  12. #12
    altecsole's Avatar
    Join Date
    Jun 2005
    Location
    Morecambe, Lancashire, UK.
    Posts
    281
    Thank Post
    39
    Thanked 36 Times in 26 Posts
    Rep Power
    25

    Re: pupils able to access c drive via word 2000 web toolbar

    Quote Originally Posted by kevinmcaleer

    In the computers configuration, Windows Settings, Security Settings and then file System, Just add the files you want to protect or unprotect.

    for the full official article see:
    http://www.microsoft.com/technet/pro...c888be525.mspx

    Pupils can't get round file permissions, once they are set, they are set. Registry settings can also be protected with permissions, thus preventing entries from being changed.

    you really can lock down workstations with this, if you implement the correct settings.

    -Kev
    Many thanks for that Kev. The wonders and depths of GP - about time I read a book on it I think!

  13. #13

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,804
    Thank Post
    110
    Thanked 583 Times in 504 Posts
    Blog Entries
    1
    Rep Power
    224

    Re: pupils able to access c drive via word 2000 web toolbar

    You might want to peek at Windows Server Hacks or the Active Directory Cookbook books by O'Reily. They both cover Group Policies in detail.

  14. #14

    Join Date
    Oct 2005
    Location
    dundee
    Posts
    197
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    Re: pupils able to access c drive via word 2000 web toolbar

    oh, i see so edugeek is now rangergeek???

  15. #15

    Join Date
    Nov 2005
    Posts
    43
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    Re: pupils able to access c drive via word 2000 web toolbar

    Russ: you know im right ;p

    Mark: didnt mean to cause a fuss, sorry. I've edited the wiki myself, i think maybe the top part should be completely removed and put each in its respective subject? That way there arent any repeats, i duno. Imo, it would be better to know which catagory each came under.
    (ps. 2 times not 4 )


    Geoff: nice one, im off to waterstones!

SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. Stopping Pupils Access Staff PC's
    By Grommit in forum Windows
    Replies: 16
    Last Post: 28th September 2010, 12:49 PM
  2. pupils accessing c: drive
    By jonbones in forum Windows
    Replies: 7
    Last Post: 29th August 2009, 06:17 PM
  3. WORD 2002 - Disable Web Toolbar
    By PatBoland in forum Windows
    Replies: 1
    Last Post: 19th October 2007, 08:31 AM
  4. Word 2000 : Toolbar customisation
    By contink in forum Scripts
    Replies: 4
    Last Post: 3rd June 2007, 01:05 AM
  5. microsft word 2000 problem,error, virus
    By Uraken in forum Educational Software
    Replies: 2
    Last Post: 1st March 2007, 11:01 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •