[Forgot Password]
Login  Register Subscribe

23631

 
 

117687

 
 

98218

 
 

909

 
 

79198

 
 

109

Paid content will be excluded from the download.


Download | Alert*
OVAL

Create permanent shared objects

ID: oval:org.secpod.oval:def:40211Date: (C)2017-04-25   (M)2017-11-21
Class: COMPLIANCEFamily: windows




This user right is useful to kernel-mode components that extend the object namespace. However, components that run in kernel mode have this user right inherently. Therefore, it is typically not necessary to specifically assign this user right. When configuring a user right in the SCM enter a comma delimited list of accounts. Accounts can be either local or located in Active Directory, they can be groups, users, or computers. Vulnerability: Users who have the Create permanent shared objects user right could create new shared objects and expose sensitive data to the network. Counter Measure: Do not assign the Create permanent shared objects user right to any users. Processes that require this user right should use the System account (which already includes this user right) instead of a separate user account. Potential Impact: None. This is the default configuration. Fix: (1) GPO: Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment\Create permanent shared objects (2) REG: NO INFO

Platform:
Microsoft Windows Server 2016
Reference:
CCE-46835-5
CPE    1
cpe:/o:microsoft:windows_server_2016:::x64
CCE    1
CCE-46835-5
XCCDF    3
xccdf_org.secpod_benchmark_general_Windows_Server_2016
xccdf_org.secpod_benchmark_NIST_800_171_R1_Windows_Server_2016
xccdf_org.secpod_benchmark_PCI_3_2_Windows_Server_2016

© 2013 SecPod Technologies