S
Sat Sep 27 05:48:37 CDT 2003
Drew,
I warned about the risk.
I'd like to ask about the "system instability" - can you please give an
example of situation when a system that starts up without fastfat.sys
driver, crashes later on?
--
Svyatoslav Pidgorny, MVP, MCSE
-= F1 is the key =-
"Drew Cooper [MSFT]" <dcoop@online.microsoft.com> wrote in message
news:eQPXie8gDHA.3204@TK2MSFTNGP11.phx.gbl...
> Please don't do that.
> It doesn't solve the additional problems of copying to yet other file
> systems (CDFS, perhaps?) locally or copying over the network. Further,
EFS
> can be turned off on a per-folder basis, so even on NTFS you can have
users
> copying files and decrypting. Not to mention that users could explicitly
> decrypt the files anyway. The fastfat hack could also lead to system
> instability.
>
> --
> Drew Cooper [MSFT]
> This posting is provided "AS IS" with no warranties, and confers no
rights.
>
>
> "S. Pidgorny <MVP>" <slavickp@yahoo.com> wrote in message
> news:u495w9ngDHA.2748@TK2MSFTNGP11.phx.gbl...
> > I have an idea. File system drivers are under
> %systemroot%\system32\drivers.
> > NTFS is NTFS.sys; I guess fastfat.sys is the FAT driver. Deleting the
> file,
> > or perhaps changing the startup type in registry, could disable FAT
> sypport,
> > effectively preventing copying to FAT partitions.
> >
> > Try at your own risk - system recovery might be required.
> >
> > --
> > Svyatoslav Pidgorny, MVP, MCSE
> > -= F1 is the key =-
> >
> > "Steven L Umbach" <n9rou@comcast.net> wrote in message
> > news:LL2cb.325871$2x.95224@rwcrnsc52.ops.asp.att.net...
> > > As far as I know, that is not possible. You will have to rely on
> training.
> > Good
> > > ck. --- Steve
> > >
> > > "Rainer" <rainerzeifang@netscape.net> wrote in message
> > > news:0c6001c381f0$12f3d650$a001280a@phx.gbl...
> > > > Actually I want that a user who has encrypted the file by
> > > > his own doesn't copy it by accident to a FAT file system
> > > > in decrypted form. I know that if you copy it to FAT you
> > > > get a warning that it will be decrypted. I want that the
> > > > user cannot copy the file to a nonencrypted FAT file
> > > > system. Any chance to enforce this?
> > > >
> > > >
> > > > >-----Original Message-----
> > > > >The user who does the copy must be able to decrypt the
> > > > files or the copy will fail. A
> > > > >copy operation is a read/write process. So if a user who
> > > > can not decrypt the files
> > > > >tries to copy, the copy will be denied. Of course any
> > > > user that logs on as you will
> > > > >be able to copy the EFS file if your EFS private key is
> > > > still on the computer. If you
> > > > >go with EFS be sure to backup a copy of your private key
> > > > as described in KB link
> > > > >below.--- Steve
> > > > >
> > > > >
http://support.microsoft.com/default.aspx?scid=kb;EN-
> > > > US;223316
> > > > >
http://support.microsoft.com/default.aspx?scid=kb;EN-
> > > > US;241201
> > > > >
> > > > >
> > > > >"Rainer" <rainerzeifang@netscape.net> wrote in message
> > > > >news:081e01c381da$b1789830$a001280a@phx.gbl...
> > > > >> I want to use an EFS under Windows XP and want to
> > > > prevent
> > > > >> a copy of an encrypted file to a FAT file system like
> > > > for
> > > > >> example the good old floppy or other FAT drives. Is
> > > > there
> > > > >> a possibility to generally disable copying encrypted
> > > > >> files to FAT drives?
> > > > >>
> > > > >> Rainer
> > > > >
> > > > >
> > > > >.
> > > > >
> > >
> > >
> >
> >
>
>