Disabling the "My Computer" Connection
Disabling the "My Computer" Connection
The "My Computer" connection is created during the initial installation and is required for Agents to access content on the user's local desktop. Jobs running on Remote Sites and Managers may also use this connection. However, there are important security implications - a user with permissions for this connection can access any file on the system on which it is running, including system files. Access includes both read and write permissions.
Instructions
If the "My Computer" connection will not be used, it is recommended that the connection be disabled or deleted. This applies to both Managers and Remote Sites. To disable or delete the connection:
Open a connection to the DryvIQ database via command line or management console
Perform one of the following actions on the Connections table, where ConnectionID equals '5dc531df34554edd96c31272262ad950':
Delete the record
Set the IsActive value to 0 (zero)
Recommendations
It is also recommended that users be created in the context of a group. This avoids security issues associated with implicit access to the "My Computer" connection by global administrators. See Access Control - Groups, Roles, and Permissions for additional information.