I have a server with Windows 2003 Server R2 fully updated (AD not installed). I made usergroup "Office". I defined two explicit rules for some particular folder "OurUserFiles" for this usergroup:
First disabling rule for "this folder only":
Create Files / Write Data;
Create Folders / Append Data;
Write Attributes;
Write Extended Attributes;
Delete Subfolders and Files;
Delete;
Change Permissions;
Take Ownership.
Second disabling rule for "Subfolders and files only":
Traverse folder / Execute File;
List Folder / Read Data;
Delete Subfolders and Files;
Delete;
Change Permissions;
Take Ownership.
And ...
Every user in group "Office" accessing server from their computers can freely lookup by wildcard all files in subfolders of "OurUserFiles" with Windows Search and watch their names. How can it be possible at all? Does Windows Search use some different way to list file names there? What should I do to block it?