[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

95906

 
 

909

 
 

77982

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-46835-5

Platform: win2016Date: (C)2017-08-03   (M)2017-09-28



"Create permanent shared objects" This user right is useful to kernel-mode components that extend the object namespace. However, components that run in kernel mode have this user right inherently. Therefore, it is typically not necessary to specifically assign this user right. When configuring a user right in the SCM enter a comma delimited list of accounts. Accounts can be either local or located in Active Directory, they can be groups, users, or computers. Vulnerability: Users who have the Create permanent shared objects user right could create new shared objects and expose sensitive data to the network. Counter Measure: Do not assign the Create permanent shared objects user right to any users. Processes that require this user right should use the System account (which already includes this user right) instead of a separate user account. Potential Impact: None. This is the default configuration.


Parameter:


Technical Mechanism: Fix: (1) GPO: Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment (2) REG: No Registry Info

References:

Resource IdReference
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:40211


OVAL    1
oval:org.secpod.oval:def:40211
XCCDF    3
xccdf_org.secpod_benchmark_general_Windows_Server_2016
xccdf_org.secpod_benchmark_PCI_3_2_Windows_Server_2016
xccdf_org.secpod_benchmark_NIST_800_171_R1_Windows_Server_2016

© 2013 SecPod Technologies