Files can be decrypted by others (Windows)
Module: Encrypted File
System
Supported Platforms:
Windows 2000, Windows 2003, Windows 2008, Windows Vista, Windows
XP
Encrypted files contain
an access list of users that can decrypt the file. This check
reports files that can be decrypted by users other than the file
owner. You can use the name list to exclude files owned by specific
users or security groups from being checked.
The following table lists
the error messages for the check.
Table: Error messages for Files can be decrypted
by others
|
Message String ID and Category
|
Platform and Message Numeric ID
|
Message Title and Description
|
Additional Information
|
|
String ID: ESM_EFS_DECRYPTED_BY_OTHERS
Category: System Information
|
-
Windows 2000 (106932)
-
Windows 2003 (206932)
-
Windows 2008 (249932)
-
Windows Vista (229932)
-
Windows XP (201932)
|
Title: File can be decrypted by others
Description:The file can be decrypted by someone other than the
file owner.
|
Severity: yellow-2
Correctable: false
Snapshot Updatable: false
Template Updatable: false
Information Field Format: [Owner: %s; can also be decrypted by:
%s]
|
|
String ID: ESM_EFS_NOSID
Category: System Information
|
-
Windows 2000 (106935)
-
Windows 2003 (206935)
-
Windows 2008 (249935)
-
Windows Vista (229935)
-
Windows XP (201935)
|
Title: Certificate does not match any valid user
Description:The file can be decrypted by a certificate with no
matching user. Remove this certificate from the access list for the
file.
|
Severity: red-4
Correctable: false
Snapshot Updatable: false
Template Updatable: false
Information Field Format: [Certificate name: %s]
|
