41
6
This question may be weird and misworded but I'm not a Windows expert by any means so feel free to correct me.
The group I'm in recently got new computers at work. They gave me a new computer and hooked up my old computer to the network for a week so I could take my time transferring necessary files/configs etc. The Support Guy said, "Just go to 'run' and type in \\PCNAME\c$
. So I did and, low and behold, there's my old C: drive. I thought to myself, "What a huge security issue. I'll just transfer everything quickly and then 'un-share' it."
The end of the day came and I logged in through remote desktop and right clicked on the C drive. But it was not shared. I called The Support Guy and explained to him that I didn't want my C drive available to everyone on the network all weekend. He seemed confused. He said, "It's not really 'shared'. If you go to the command prompt and type in \\ANYPCNAME\c$
you get their C drive. That's just how it is."
I hung up the phone and walked over to a coworker's desk and looked at his PC name (there's a sticker on every computer) and then walked back to my desk and put a hello
file on his desktop.
I don't keep anything personal on my work computer but there are definite security concerns. Not really from within the group I'm in but from the hundreds of other employees on the network (and domain) that I don't know. I'm fine with practical jokes but what if someone has an unknown grudge against me (or someone with a similar name or computer name) and adds nasty language against my boss to documents which are part of a project?
Is this an inherit part of how Windows domains work? Are there any steps I can take to make my box a little more secure? Bear in mind that I do have admin rights to the box but I can't change anything as far as the network or domain goes. Even just an explanation of what's going on would be a big help as this goes against everything that I know to be 'pretty basic' about computer systems in general. I'm more familiar with Linux so Windows World is a little foreign to me.
Follow Up
Voiced my concerns about this at work. I was told, "Nobody knows about the drive$ thing so there's nothing to worry about." Followed Darth's solution and added that registry key. Now I'll wait and see if anyone gets alerted.
6That's totally nuts. There must be an easy way to disable that. – James T Snell – 2011-07-15T20:38:46.693
6It isn't totally nuts. It's how windows is designed and for good reason. See my further answer below. – music2myear – 2011-07-15T20:51:22.330
13And no, your question is not weird in the least and you did an excellent job of describing it given your self-described non-expertness. You were observant and thoughtful, which is something I wish even a 10th of my users were. – music2myear – 2011-07-15T21:04:11.413
1This is why you should never keep anything on your computer but on the network shares. – Greg – 2011-07-15T21:04:11.607
4+1 because your concerns are reasonable and justified. – Randolf Richardson – 2011-07-15T21:04:44.663
2Oh wow, that's really troubling. To add more urgency to your request, note that this probably works on workstations used by human resources as well. That's stuff I don't think the company wants arbitrary employees being able to read (much less modify!) – Tim Post – 2011-07-16T00:16:14.453
@Greg our network shares are slow. But I keep everything of any substance there (temp repos, docs, etc). The only things I'm concerned with on my C drive are configs for netbeans, hg, mvn, vim, putty, etc. – Josh Johnson – 2011-07-16T01:17:00.213
2Re-reading it looks like I pass of The Support Guy as bumbling. He's not. He's sharp. If anything his response hinted at, "This is how it is and it's out of my control." – Josh Johnson – 2011-07-16T01:21:01.690
This is actually ok. Although it sounds like all users have admin rights to each computer locally. Not a good thing. If you want 1 or 2 users to have admin rights to a certain computer then that's fine. Sometimes you need to do so. But you should not be able to access other people's profiles on a different computer. – Matt – 2011-07-17T00:48:15.633