cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
tp-tec_CE
Engaged Sweeper
Hello,

currently standard user group "everyone" is set to Full Access
on Lansweeper Subfolder "Service" (path example: c:\program files\lansweeper\service).

That is a vulnerability according to regular Nessus scans.

Is this Access Level required to run the service or just to let users
put lspush result files into subsubfolder "import" ?

For now I have to modify Acl after each patch installation.

Maybe that could be changed.

Thank you,
Mike
4 REPLIES 4
tp-tec_CE
Engaged Sweeper
Thank you.
Hemoco
Lansweeper Alumni
If you want you can change the settings manually after upgrading.
tp-tec_CE
Engaged Sweeper
Hi,

that folder is not shared.

But is there any reason why not to place "everyone" only on the import subfolder?

As long as Nessus is detecting it as a vulnerability it is required to change
it manually for PCI purposes. (see screenshot)

Maybe it's also a good point to minimize access to the folders at all. (least privilege)

Greetings,
Mike
Hemoco
Lansweeper Alumni
Is this folder shared?
Are non-administrators able to log onto your server?

Is both answers are "no" I don't see any security issues.