Citrix Systems 1.8 manual Query acl path /registryonly /filesonly /ignoreexecute /?, Registryonly

$SSHQGL[￿$￿￿￿￿0HWD)UDPH￿&RPPDQG￿5HIHUHQFH￿ ￿ ￿￿￿

48(5<￿$&/￿￿6HFXULW\￿$XGLW￿8WLOLW\￿

'HVFULSWLRQ

This command is identical to aclcheck. It performs a file security audit on the specified directory or drive letter. Query acl reports file accesses allowed by accounts other than Administrator, Administrators, or SYSTEM. Query acl can also generate a report of registry keys that have Delete, Write, Add, Link, Change Permissions, or Take Ownership permissions for non-administrator users. The system security level (Low, Medium, or High) is also reported.

6\QWD[

query acl [path] [/registry_only /files_only [/ignore_execute]] [/?]

3DUDPHWHU

path

The name of the drive or directory path to audit.

2SWLRQV

/ignore_execute

Does not report files with user Execute permissions.

/registry_only

Checks only the system registry.

/files_only

Checks only disk files.

/? (help)

Displays the syntax for the utility and information about the utility’s options.

5HPDUNV

Query acl generates a report of potential security exposures on a MetaFrame server. Query acl reports excessive file or registry accesses allowed by accounts other than Administrator, Administrators, and SYSTEM.

The file report shows any files that have Delete, Write, Append, Execute (unless the /ignore_execute option is specified), Change Permissions, or Take Ownership permissions for non-administrator users.

The registry report shows any registry keys that have Delete, Write, Add, Link, Change Permissions, or Take Ownership permissions for non-administrator users.