Anyone notice that Chrome ignores NTFS file security settings in it's file browser yet?
"Hidden" system files are not hidden, and can be "downloaded" to any place one desires.
A program/virus could do a lot with that.

Isn't that obvious?

(I should note that when I refer to NTFS file security settings, I'm referring to basic Windows XP Pro running on default settings for "hide protected operating system files" as would be the majority of home users using Chrome - I haven't bothered testing it under more advanced settings, but it's odd how it doesn't comply to Windows File explorer).

Test results;

IE (Windows file explorer) with default settings shows 9 files/folders.
Firefox file browser shows 11 files/folders.
Chrome shows 21 files/folders.

There has to be a reason for those statistics in terms of security?

try clearing the cache and is Chrome able to access the hidden files

This definitely sounds like a bug and it seems mines doing it as well.
You should probably report a bug for this one....
http://code.google.com/p/chromium-os/issues/entry
....search for existing bugs here.....
http://code.google.com/p/chromium/issues/list
....I did a few searchs and couldnt find your bug mentioned

I was able to view hidden files/folders as well with simple file sharing turned off, under a whole new limited user account from the root of the drive - with the correct security/visibility settings in place.
That addressed the possible cache problem and it seems to ignore this - as the original problem was with the correct security settings and the hidden protected OS files were initially showing from the get-go.
The version I am using is 3.0.195.38.
I also tried the latest stand alone download under the limited user account which was with the same result.
Access was not as big of a problem as visibility, however it seemed that the above original problem might serve a virus well if the browser is running under a full rights default security account (aka normal home users).
Thanks for the links and the insight.
Again this was done with an i386 system running XP pro.

I thought I'd share an interesting reply I received from the bug submission.
I'll let the reader take from this post what they will.

Quote:
http://code.google.com/p/chromium-os...detail?id=1224

(But to save you some time, I don't think that this is a bug. Per
http://support.microsoft.com/kb/230657 , this option in Explorer just hides some
system files from the default UI -- it doesn't provide any real security or prevent
apps from being able to access them directly. Feel free to file a bug in the Chromium
issue tracker if you disagree, though.)


So, if we take from that response what the solution or "real problem" is...as cited by the Microsoft article, then it's just a "Graphical User Interface" problem?
Oh really?

Not only are they hidden in the GUI, as well with WinXP Pro, they are hidden and protected in all aspects, including CMD line etc.
Is there something that I'm not getting here?
Not only are they protected within the GUI, CMD line, but other 3rd party browser/file browsing apps - but they are being displayed within Chrome as a downloadable link,
I just copied my boot.ini for example and moved it where ever I wished with full visibility - contrary to all existing ways that can be invoked.
My services to protect these files from this kind of breach of behavior are disabled in the services directory - yet now anyone that runs the proper Trojan may grab a copy...via Chrome
What gives?

Makes sense.....what their saying is that Hidden files is only an option. All Microsoft apps honor it, but nothing has to. Any 3rd party app can just totally ignore it...I just tried it with Faststone image viewer and it showed the hidden files....atleast it has an option to not show them, but it points out that any app can. So it would be nice if Chrome had the option to not show them aswell. So on the thing of Trojans, any trojan written for windows could see your hidden files without the help of Chrome. I think Win7 or Vista give the sort of security you want but I wouldnt know coz I havent ever used either of them, although I plan on going to Win7 sooner or later, prolly later.