I've got a setup with two internal SSDs: one serves as my main drive for daily use (running Windows), while the other is a test SSD where I install untrusted programs. I'm trying to ensure that the test environment can operate freely but can't access my primary SSD at all.
To tackle this, I hid the primary SSD's drive letters using Disk Management, so it doesn't show up in 'This PC'. Then, I changed the NTFS ACLs on the primary SSD by adding a deny permission for the specific user account used on the test SSD, making sure that 'Write/Modify' actions are blocked. I left the permissions for SYSTEM and Administrators unchanged to keep them with Full Control.
After applying these settings, when I boot from the test SSD and try to copy files to the primary SSD, I get an 'Access Denied' message without any UAC prompt, which is good. However, I'm concerned about whether there are ways malware could potentially bypass these NTFS Deny ACLs, like through privilege escalation exploits, kernel drivers, or some sneakily signed binaries that could escalate to SYSTEM access.
3 Answers
Honestly, if you're worried about keeping your primary SSD secure, why not just go the virtual machine route? It’s a lot safer and gives you better isolation than trying to configure NTFS permissions. Plus, if you have the Pro version of Windows, you can easily set up a VM with Hyper-V, and it’s free!
You're on the right track, but using NTFS permissions alone might not be enough. Malware can sometimes exploit vulnerabilities that let it bypass those Deny ACLs. Essentially, if the OS is compromised, those permissions won't protect you effectively. Going for a VM would give you a much stronger layer of isolation!
Yeah, all the scenarios you mentioned are definitely possible. Bad actors can find ways to escalate privileges or use kernel drivers to get around NTFS permissions. So while your current setup is a start, make sure to consider a VM for safer testing!
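An added example, not part of the original thread, for auditing the configuration described in the question: it lists the ACEs on the primary volume's root that carry write-type rights and marks the Allow entries for SYSTEM and Administrators, which the question left at Full Control. The path `D:\` is a placeholder assumption; substitute wherever the primary SSD is mounted.

```powershell
# Added example: audit write-capable ACEs on the primary volume's root.
# Assumption: the primary SSD is reachable at $Path (placeholder), for example
# through a temporarily restored drive letter. Run from an elevated prompt.
param([string]$Path = 'D:\')

# Rights that change data, plus rights that let a principal rewrite the ACL.
$writeRights = [System.Security.AccessControl.FileSystemRights]'Write, Delete, DeleteSubdirectoriesAndFiles, ChangePermissions, TakeOwnership'
# Root ACEs can also carry raw generic bits: GENERIC_WRITE (0x40000000), GENERIC_ALL (0x10000000).
$mask = [int]$writeRights -bor 0x50000000

# These SIDs are identical in every Windows installation, so a process that is
# elevated inside the test OS presents exactly these identities to the volume.
$wellKnown = @{ 'S-1-5-18' = 'SYSTEM'; 'S-1-5-32-544' = 'BUILTIN\Administrators' }

$sidType = [System.Security.Principal.SecurityIdentifier]
$acl = Get-Acl -LiteralPath $Path

$report = foreach ($ace in $acl.Access) {
    if (([int]$ace.FileSystemRights -band $mask) -eq 0) { continue }

    # Local account SIDs are per-installation, so an ACE added from the other
    # OS may not resolve to a name here; fall back to the raw SID string.
    try   { $sid = $ace.IdentityReference.Translate($sidType).Value }
    catch { $sid = $ace.IdentityReference.Value }

    $note = ''
    if ($ace.AccessControlType -eq 'Allow' -and $wellKnown.ContainsKey($sid)) {
        $note = 'Write allowed for any elevated process, whichever OS is booted'
    } elseif ($ace.AccessControlType -eq 'Deny') {
        $note = 'Blocks only tokens that carry this SID'
    }

    [pscustomobject]@{
        Identity  = $ace.IdentityReference.Value
        SID       = $sid
        Type      = $ace.AccessControlType
        Rights    = $ace.FileSystemRights
        Inherited = $ace.IsInherited
        Note      = $note
    }
}

$report | Format-Table -AutoSize -Wrap
"Owner: $($acl.Owner)"
```

A Deny row for the test user next to Allow rows for SYSTEM and Administrators is the situation the answers describe: the deny entry holds only while code keeps running under the restricted account.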
