From: "Rich" 

This is a multi-part message in MIME format.

------=_NextPart_000_0BB3_01C297FC.570DCC30
Content-Type: text/plain;
        charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

   This sounds like something is corrupted.  Try comparing the files on =
this machine with another running the same version of Windows.

Rich

  "Thees Peereboom"  wrote in message =
news:7skbuu8i15bbj0vd4kg2soi480j9b0ghpo{at}4ax.com...
  Rich,

  On a completely different note, I've got a securityproblem which I
  seem unable to solve. I've posted about this before, but sofar no
  luck.

  This machine is part of an NT4 domain, users and groups are maintained
  on that domain. For some time now whenever I try to change the
  securitysettings on this machine (other machines in the domain work
  fine) I get the following error:

  (leftclick on file, choose properties, go to the securitytab and
  choose add)

  'Cannot open the dialogue for userselection (null)'

  which leaves me unable to add or change any rights.

  I'd really appreciate at least a direction to search, since I have not
  been able even to find this error in the docs.

  TIA,

  - Thees Peereboom


  On Wed, 27 Nov 2002 18:37:40 -0800, "Rich"  wrote:

  >   I don't see any backing down.  Microsoft does make choices that =
affect backward compatibility but all such choices are scrutinized.  If =
the compat problems are due to app bugs work arounds, often specific to =
one app, are implemented.  Quite a bit of effort is made to keep = existing
apps from third parties working.  Sometimes changes are made in =
documented or default behavior, and don't believe that simply changing =
system defaults doesn't have compat problems.  These are documented and =
often configurable by admins or users depending on the scope of the =
setting.  I suspect there are more settings changes that API behavior =
changes.  John O encountered one in Windows XP Home Edition.  By default =
network access is authenticated as the guest account to limit the = ability
of someone to attack a system remotely and do dammage.  It = allows a local
user to have no password and not open the system to = attack using that
user's account.  How did this bite John?  He disabled = the guest account.
  >This is a fine example of breaking existing behavior to gain greater =
security.
  >
  >Rich
  >
  >  "Geo."  wrote in message =
news:3de56764$1{at}w3.nls.net...
  >  "Rich"  wrote in message news:3de42e03{at}w3.nls.net...
  >   >>  It's more complicated.<<
  >
  >  I don't doubt it, I just find it funny that right after Craig =
Mundie made
  >  his "break the apps for security" statements along comes
a security =
issue
  >  and he's forced to back down from the hardline stance.
  >
  >  FWIW, I don't think it's microsoft's place to force patches on =
people as Mr
  >  Mundie seems to think, there are other much better ways for MS to =
make NT a
  >  whole lot more secure. Really simple things like random directory =
names
  >  (instead of \winnt use \winnt+installdate) and stuff that won't =
break apps
  >  but will break 90% of the hacks.
  >
  >  Look at how many hacks have been foiled by the IE temp files =
directory
  >  names. Such a simple thing to do and it blocked countless exploits =
that
  >  never became a reality because the files couldn't be located =
easily.
  >
  >  Geo.

------=_NextPart_000_0BB3_01C297FC.570DCC30
Content-Type: text/html;
        charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable








   This
sounds like something =
is=20
corrupted.  Try comparing the files on this machine with another =
running=20
the same version of Windows.
 
Rich
 

  "Thees Peereboom" <theesp{at}barkto.com>">mailto:theesp{at}barkto.com">theesp{at}barkto.com>
wrote in =
message news:7skbuu8i15b=
bj0vd4kg2soi480j9b0ghpo{at}4ax.com...Rich,On=20
  a completely different note, I've got a securityproblem which =
Iseem unable=20
  to solve. I've posted about this before, but sofar =
noluck.This=20
  machine is part of an NT4 domain, users and groups are =
maintainedon that=20
  domain. For some time now whenever I try to change =
thesecuritysettings on=20
  this machine (other machines in the domain workfine) I get the =
following=20
  error:(leftclick on file, choose properties, go to the =
securitytab=20
  andchoose add)'Cannot open the dialogue for
userselection=20
  (null)'which leaves me unable to add or change any =
rights.I'd=20
  really appreciate at least a direction to search, since I have =
notbeen=20
  able even to find this error in the
docs.TIA,- Thees=20
  PeereboomOn Wed, 27 Nov 2002 18:37:40
-0800, "Rich" =
<{at}>=20
  wrote:>   I don't see any
backing down.  =
Microsoft=20
  does make choices that affect backward compatibility but all such =
choices are=20
  scrutinized.  If the compat problems are due to app bugs work =
arounds,=20
  often specific to one app, are implemented.  Quite a bit of =
effort is=20
  made to keep existing apps from third parties working.  Sometimes =
changes=20
  are made in documented or default behavior, and don't believe that =
simply=20
  changing system defaults doesn't have compat problems.  These are =

  documented and often configurable by admins or users depending on the =
scope of=20
  the setting.  I suspect there are more settings changes that API =
behavior=20
  changes.  John O encountered one in Windows XP Home =
Edition.  By=20
  default network access is authenticated as the guest account to limit =
the=20
  ability of someone to attack a system remotely and do dammage.  =
It allows=20
  a local user to have no password and not open the system to attack =
using that=20
  user's account.  How did this bite John?  He disabled the =
guest=20
  account.>This is a fine example of breaking existing behavior =
to gain=20
  greater
security.>>Rich>> 
"Geo." =
<georger{at}nls.net>">mailto:georger{at}nls.net">georger{at}nls.net>
wrote in =
message news:3de56764$1{at}w3.nls.net...=
> =20
  "Rich" <{at}> wrote in message news:3de42e03{at}w3.nls.net...>=
  =20
  >>  It's more
complicated.<<>> 
I =
don't=20
  doubt it, I just find it funny that right after Craig Mundie=20
  made>  his "break the apps for
security" statements along =
comes a=20
  security issue>  and he's forced to back down from the =
hardline=20
  stance.>>  FWIW, I don't think
it's microsoft's =
place to=20
  force patches on people as Mr>  Mundie seems to think, =
there are=20
  other much better ways for MS to make NT a>  whole lot =
more=20
  secure. Really simple things like random directory
names>  =

  (instead of \winnt use \winnt+installdate) and stuff that won't break=20
  apps>  but will break 90% of the =
hacks.>>  Look=20
  at how many hacks have been foiled by the IE temp files=20
  directory>  names. Such a simple thing to do and it =
blocked=20
  countless exploits that>  never became a
reality because =
the files=20
  couldn't be located easily.>> =20
Geo.

------=_NextPart_000_0BB3_01C297FC.570DCC30--

--- BBBS/NT v4.01 Flag-4