From: Thees Peereboom 

Rich,

I have another machine running W2K, only that's a US version I bought,
while on this machine W2K is an OEM Dutch version (came with the Dell).
Would it still be possible to compare files?

What files should I look at?

TIA,

- Thees Peereboom

On Fri, 29 Nov 2002 23:09:16 -0800, "Rich"  wrote:

>   This sounds like something is corrupted.  Try comparing the files on this
machine with another running the same version of Windows.
>
>Rich
>
>  "Thees Peereboom"  wrote in message
news:7skbuu8i15bbj0vd4kg2soi480j9b0ghpo{at}4ax.com...
>  Rich,
>
>  On a completely different note, I've got a securityproblem which I
>  seem unable to solve. I've posted about this before, but sofar no
>  luck.
>
>  This machine is part of an NT4 domain, users and groups are maintained
>  on that domain. For some time now whenever I try to change the
>  securitysettings on this machine (other machines in the domain work
>  fine) I get the following error:
>
>  (leftclick on file, choose properties, go to the securitytab and
>  choose add)
>
>  'Cannot open the dialogue for userselection (null)'
>
>  which leaves me unable to add or change any rights.
>
>  I'd really appreciate at least a direction to search, since I have not
>  been able even to find this error in the docs.
>
>  TIA,
>
>  - Thees Peereboom
>
>
>  On Wed, 27 Nov 2002 18:37:40 -0800, "Rich"  wrote:
>
>  >   I don't see any backing down.  Microsoft does make choices that affect
backward compatibility but all such choices are scrutinized.  If the compat
problems are due to app bugs work arounds, often specific to one app, are
implemented.  Quite a bit of effort is made to keep existing apps from
third parties working.  Sometimes changes are made in documented or default
behavior, and don't believe that simply changing system defaults doesn't
have compat problems.  These are documented and often configurable by
admins or users depending on the scope of the setting.  I suspect there are
more settings changes that API behavior changes.  John O encountered one in
Windows XP Home Edition.  By default network access is authenticated as the
guest account to limit the ability of someone to attack a system remotely
and do dammage.  It allows a local user to have no password and not open
the system to attack using that user's account.  How did this bite John? 
He disabled the guest account.
>  >This is a fine example of breaking existing behavior to gain greater
security.
>  >
>  >Rich
>  >
>  >  "Geo."  wrote in message
news:3de56764$1{at}w3.nls.net...
>  >  "Rich"  wrote in message news:3de42e03{at}w3.nls.net...
>  >   >>  It's more complicated.<<
>  >
>  >  I don't doubt it, I just find it funny that right after Craig Mundie made
>  >  his "break the apps for security" statements along
comes a security issue
>  >  and he's forced to back down from the hardline stance.
>  >
>  >  FWIW, I don't think it's microsoft's place to force patches on people as
Mr
>  >  Mundie seems to think, there are other much better ways for MS to make NT
a
>  >  whole lot more secure. Really simple things like random directory names
>  >  (instead of \winnt use \winnt+installdate) and stuff that won't break
apps
>  >  but will break 90% of the hacks.
>  >
>  >  Look at how many hacks have been foiled by the IE temp files directory
>  >  names. Such a simple thing to do and it blocked countless exploits that
>  >  never became a reality because the files couldn't be located easily.
>  >
>  >  Geo.

--- BBBS/NT v4.01 Flag-4