Fog Creek Software
Discussion Board

FogBugz User Account and Possible Bug

I was wondering why FogBugz created a user account with FULL permissions to every directory and file on my box? Including the Crytographic keys in All Users?

In doing so, it removed permissions from my Administrator account. I was able to reset them, but it took some time to find this problem. The only account with permissions to do anything (including read) was the FogBugz account. This caused .NET tools like SN to fail with Access Denied errors.

I am very concerned that the FogBugz has direct permissions to everything, and that it did not use an existing group or create a group.

Please explain.

David Buksbaum
Sunday, February 02, 2003

The created FogBUGZ account is granted permissions on the FogBUGZ install directory (C:\program files\fogbugz usually), and also the Crypto folders (it should have added permissions, not replaced them) -

It needs the crypto permissions so it can create a context in order to verify the signatures on the licenses.

Michael H. Pryor
Sunday, February 02, 2003

Ok. Then it was a bug. When I next reblast the box (usually every few months) I will try to verify.

But, as a suggestion. Could you do this through a group instead of direct account ACLs?


David Buksbaum
Sunday, February 02, 2003

It may have looked that way because of the dumb way Microsoft shows you security settings.

The \Crypto\Rsa\MachineKeys  folder starts out with Administrator having very weird privileges which are non-standard. So when you go into the Security tab, it LOOKS like administrator has no privileges. But if you click on ADVANCED, which brings up an alternate UI for the security stuff, then choose Administrators and click View/Edit, you'll see all kinds of permissions are actually turned on.

Basically what happens is that the main security dialog box is just trying to show you a summary of security, and the security situation of these folders is too complicated to summarize, so the main security dialog shows you nothing, but if you go into "special" you'll see that the permissions are actually on. It looks the same before and after FogBUGZ setup.

Michael H. Pryor
Wednesday, February 05, 2003

*  Recent Topics

*  Fog Creek Home