Windows Vista beta 2 installs a new default network share on your PC: C:\Users. As a network admin who has seen too many PCs with horribly exposed files due to Windows' default settings, I'm naturally wary of file shares that are opened up automatically. I asked Microsoft: what's the deal?
When I was investigating PC-to-PC Sync, which now won’t be part of the final release but may well be available later down the line, I stumbled across something interesting.
Looking at the network shares open on my test machine, I discovered a new share in addition to the standard admin shares - C:\USERS.
Initially I wondered whether this was a requirement of PC-to-PC Sync. After all, having a C:\USERS share might allow file transfer between two Vista machines, as long as the same user was logged on to both machines with the same credentials.
So I queried it with Microsoft. A Microsoft spokesperson responded:
The shares at C:\Users and C:\Users\Public are created through the Network File and Printer Sharing feature of Windows Vista; its goal is to improve the same-computer sharing and network sharing experience. They only appear once the user allows public sharing of media and shared data.
Hmm. I hadn’t noticed one at C:\Users\Public. And there wasn’t one. It turned out that when I had enabled network file and print sharing in Vista (which was a prerequisite for PC-to-PC Sync), I was offered a window which allowed me to set share permissions and visibility on the C:\Users\Public folder. I hadn’t done this, but Windows went ahead and created a share at C:\Users anyway (I wasn't given an option for this).
The spokesperson went on to say:
It’s similar to the Shared Documents functionality of Windows XP in workgroup mode but allows security control over how this is exposed and to which network zones. The shares are not a function of the Sync Center or other synchronization features.
Well, this isn’t completely true. The Shared Documents feature in Windows XP was restricted to local users sitting in front of the PC, not remote ones connected over the network.
It was a feature designed to make it easier for people who share a PC (such as family members) to access some of each other's files without giving unrestricted access to the whole lot.
If you browse to a workgrouped XP computer over a network, the default views are Scheduled Tasks and Printers and Faxes - nothing else.
As a network admin I’m naturally always wary of file shares being opened up without the user's knowledge. I've seen too many Windows machines horribly exposed on the network simply because the user was trying to share some files without really knowing what was happening.
One of the basic questions of network security is "Can my computer be seen on the network, and what is it advertising as available services to other PCs?"
An insecure file share is the networking equivalent of your computer standing on a ten-foot ladder and shouting through a megaphone, "Hey everybody, I'm switched on and I've got files waiting to be stolen... guess my password!"
So is Vista exposing your files?
Looking closer at how Vista has handled this aspect of networking, the picture isn’t too bad.
The local security permissions on C:\Users - those that apply to people who physically log on to the PC - are the same as in XP. Anyone who physically logs on can access files in the C:\USERS directory (though not the user subfolders other than their own, of course).
If an XP PC with Simple File Sharing switched on had that C:\USERS share, though, network users would be able to log into it if they knew any user account name/password on that PC.
Fortunately, in Vista, that's not the case, because it doesn't enable the "everyone" group on C:\USERS by default. Only Administrators and Authenticated Users (people specifically authorised to connect to your PC over the network) have full rights to view files in that directory over the network.
Given that the whole point of Vista is that local users should not be administrators, this is actually even more secure than it sounds.
So, despite how it looks on first impressions, the Network File and Printer Sharing page is a substantial improvement over XP's Simple File Sharing, which sets up a bunch of hidden shares with "everyone" access by default.
It’s more granular and results in better security. It has been put together in such a way that even the most network-illiterate user shouldn’t massively expose their system by choosing the wrong option.
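To check which accounts a share such as C:\Users is actually granted to over the network, the following added example (not from the original article or from Microsoft) lists the share-level permissions of every ordinary disk share and marks entries granted to Everyone, Anonymous Logon or Guests. It assumes Windows PowerShell with Get-WmiObject available and an elevated prompt; the set of trustees treated as "broad" is this example's own choice.

```powershell
# Added example: list share-level permissions for ordinary (non-admin) disk shares.
# Trustees treated as "broad" here; matching on well-known SIDs avoids localized names.
$broadSids = @{
    'S-1-1-0'      = 'Everyone'
    'S-1-5-7'      = 'Anonymous Logon'
    'S-1-5-32-546' = 'Guests'
}

# Map share name -> local path. Type 0 is a plain disk share; admin shares such as
# C$ and ADMIN$ have the high bit set in Type and are left out.
$paths = @{}
Get-WmiObject -Class Win32_Share |
    Where-Object { $_.Type -eq 0 } |
    ForEach-Object { $paths[$_.Name] = $_.Path }

$report = foreach ($setting in (Get-WmiObject -Class Win32_LogicalShareSecuritySetting)) {
    if (-not $paths.ContainsKey($setting.Name)) { continue }

    $result = $setting.GetSecurityDescriptor()
    if ($result.ReturnValue -ne 0 -or $null -eq $result.Descriptor.DACL) {
        Write-Warning "No readable share ACL for '$($setting.Name)'; inspect it by hand."
        continue
    }

    foreach ($ace in $result.Descriptor.DACL) {
        # Share-level access masks as stored in the share's security descriptor.
        $rights = switch ($ace.AccessMask) {
            2032127 { 'Full' }
            1245631 { 'Change' }
            1179817 { 'Read' }
            default { '0x{0:X}' -f $_ }
        }
        $access = if ($ace.AceType -eq 1) { 'Deny' } else { 'Allow' }
        New-Object PSObject -Property @{
            Share   = $setting.Name
            Path    = $paths[$setting.Name]
            Trustee = $ace.Trustee.Name
            Access  = $access
            Rights  = $rights
            Broad   = $broadSids.ContainsKey([string]$ace.Trustee.SIDString)
        }
    }
}

$report | Sort-Object Share | Format-Table Share, Path, Trustee, Access, Rights, Broad -AutoSize
```

Share-level permissions are only half the picture: the NTFS permissions on the folder still apply on top of them, so a row marked Broad is a prompt to look at the folder's own ACL as well.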