Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: BugTraq: EFS Win 2000 flaw
From: Attonbitus Deus <Thor () HAMMEROFGOD COM>
Date: Tue, 23 Jan 2001 10:40:41 -0800

So to suggest that your perceived EFS flaw can be resolved by over-writing
is naive. The only solution is to encrypt in memory or use some removable
partition as the temp space.


I agree with the use of 'percevied' in this case.  Though the behavior is
interesting in regard to the creation of the unencrypted .tmp file, I
believe this more of a procedural issue than an implementation one.
Recommended EFS procedures call for the encryption of a direcory, not
file-by-file as the procedure indicated by Berglind suggests. If you copy an
unencrypted file and paste it into an encrypted directory, the file and the
temporary file are both encrypted.

This is actually covered in the docs regarding EFS.

HTH.
---------------------------------
Attonbitus Deus
Thor () HammerofGod Com


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]