Hello !
I’m writing CMD batch script to fix some security holes in W2K Professioanl and NT Workstation (client-side script)
In Windows NT environement I used to remove “Execute” right
for “Everyone” group from mshta.exe (MS HyperText Application)as well as disable ShellScrap Application (*.SHS) execution
using XCACLS utility from the NT Resourse Kit –
> xcacls mshta.exe /E /P Everyone:EWD
> xcacls shscrap.dll /E /P Everyone:EWD
In W2K there are no XCACLS utility in Resource Kit anymore, but merely CACLS utlility, that can deal with “Read, Write, Change and Full Control” file permissions.
Is that correct that there is no way to add/remove “Execute” file permission in W2K from the command line ?
Best regards,
Nikolay N. Semenov
