Navigate

Check: DS00.0121_2003

Windows 2003 DC STIG: DS00.0121_2003 (in version v6 r37)

Title

File Replication Service (FRS) directory data files must have proper access control permissions. (Cat II impact)

Discussion

Improper access permissions for directory data files could allow unauthorized users to read, modify, or delete directory data.

Check Content

Run "Regedit". Navigate to "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NtFrs\Parameters". Note the value for "Working Directory", typically "%SystemRoot%\ntfrs". Verify the permissions of the noted location. If the access control permissions of the FRS directory are not at least as restrictive as those below, this is a finding. FRS Directory Permissions: Administrators - Full Control (F) SYSTEM - Full Control (F)

Fix Text

Maintain the access control permissions for the FRS directory as outlined below. FRS Directory Permissions: Administrators - Full Control (F) SYSTEM - Full Control (F)

Additional Identifiers

Rule ID: SV-34409r3_rule

Vulnerability ID: V-27109

Group Title:

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.

Number	Definition
CCI-002235	Prevent non-privileged users from executing privileged functions.

Controls

Controls tied to check. These are derived from the CCIs shown above.

Number	Title
AC-6(10)	Prohibit Non-privileged Users from Executing Privileged Functions