Bootstrap FreeKB - Windows - Understanding NTFS permissions
Windows - Understanding NTFS permissions
Updated:   |  Windows articles

NTFS file permissions

  • Full Control allows you to read, write, modify, execute, change attributes, permissions, and take ownership of the file.
  • Modify allows you to read, write, modify, execute, and change the file’s attributes.
  • Read & execute will allow you to display the file’s data, attributes, owner, and permissions, and run the file if its a program.
  • Read will allow you to open the file, view its attributes, owner, and permissions.
  • Write will allow you to write data to the file, append to the file, and read or change its attributes.

 

NTFS folder permissions

  • Full Control allows you to read, write, modify, and execute files in the folder, change attributes, permissions, and take ownership of the folder or files within.
  • Modify allows you to read, write, modify, and execute files in the folder, and change attributes of the folder or files within.
  • Read & execute will allow you to display the folder’s contents and display the data, attributes, owner, and permissions for files within the folder, and run files within the folder.
  • List Folder Contents will allow you to display the folder’s contents and display the data, attributes, owner, and permissions for files within the folder.
  • Read will allow you to display the file’s data, attributes, owner, and permissions.
  • Write will allow you to write data to the file, append to the file, and read or change its attributes.

 

ASSIGNED PERMISSIONS

  1. Right-click on the folder or file and select Properties.
  2. Select the Security tab.

In this example, John Doe's assigned permissions are Read & execute, List folder contents, and Read. This means that John Doe access is Read & execute.

 

INHERITANCE

  1. Right-click on the folder or file and select Properties.
  2. Select the Security tab.
  3. Select Advanced.

John's access at Advanced Security Settings is Read & execute, with no inheritance. Notice also that the Read & execute permission applies to This folder, subfolders, and files

 

ADVANCED PERMISSIONS

  1. Right-click on the folder or file and select Properties.
  2. Select the Security tab.
  3. Select Advanced.
  4. Double-click John Doe.
  5. Select Show advanced permissions.

We can view and edit John's advanced permissions.

 

EFFECTIVE PERMISSIONS

Effective access is the combination of the folder or files assigned permission and inherited permissions.

  1. Right-click on the folder or file and select Properties.
  2. Select the Security tab.
  3. Select Advanced.
  4. Select the Effective Access tab.
  5. Click the link Select a user.
  6. Type the user or group name, seleck Check Names, and select OK.
  7. Select View effective access.
properties
Special permission Full Control Modify Read & Execute List Folder Contents Read Write
Traverse Folder/Execute File x x x x    
List Folder/Read Data x x x x x  
Read Attributes x x x x x  
Read Extended Attributes x x x x x  
Create Files/Write Data x x       x
Create Folders/Append Data x x       x
Write Attributes x x       x
Write Extended Attributes x x       x
Delete Subfolders and Files x          
Delete x x        
Read Permissions x x x x x x
Change Permissions x          
Take Ownership x          
Synchronize x x x x x x

 

Did you find this article helpful?

If so, consider buying me a coffee over at Buy Me A Coffee


Comments


Add a Comment


Please enter d894dc in the box below so that we can be sure you are a human.