Home
Windows Security
Windows security revolves around the rights of users and groups and the permissions set on objects they may access. Objects are defined as files, folders and all resources like drives, printers etc. Each has an Access Control List or ACL to manage the permissions. In addition to the basic ACL there are the Advanced File and Folder permissions.
Advanced File/Folder Permissions
It is rarely necessary to check Advanced Authorization Options, but it allows a more precise control of effective permissions. Here's a complete list of Special Permissions:
Below is an overview of each permission, where there are two separated by a "/", the first is the folder settings (If it is a folder) the second is if it is a file.
Full Control
Self-explaining ;-)
Traverse Folder / Execute File
Allows to traverse directories and execute files.
List Folder / Read Data
Allows to view a directory contents or read a file.
Read Attributes
Allows to view a file or a folder's properties.
Create Files / Write Data
Allows to create files inside a folder or to write new data in a file.
Create Folders / Append Data
Allows to create new subfolders or to add data at the end of a file.
Write Attributes
Allows to modify a file's attributes.
Write extended attributes
Allows to set extended attributes on files and folders.
Delete subfolders and files
Only applies to folders and allows to delete objects inside them.
Delete
Allows to delete the object.
Read Permissions
Allows to read permissions on a file.
Change Permissions
Allows modifying ACLs.
Take Ownership
Allows to get the ownership of an object. The owner can always modify ACLs on objects.
File and Folder Permissions (Sourced from http://www.uwec.edu/help/)
- Permission Types: An Overview
- Establishing File and Folder Level Permissions
- Working with Permissions
- Advanced Folder Level Permissions