Security Basics mailing list archives
Re: Windows Sharing File Permissions
From: "Nikhil Wagholikar" <visitnikhil () gmail com>
Date: Tue, 11 Dec 2007 23:37:30 +0300
Hello Al Cooper, Understanding NTFS permissions and share permissions is critical to securely sharing local resources with others on the network. Share permissions are the permissions that are applicable to a folder (and not file) when the folder is shared. Share Permission determines the level of access other users across the network have on the shared folder. Share permissions are very few and are limited to Full Control, Change, and Read only. However, on the other hand, NTFS permissions are applicable not only for folder, but also for file. NTFS permission determines the level of access all users not only across the network, but also locally, have on the file or folder. NTFS permission offers much fine grained control over Share permission. NTFS permission includes Full Control, Modify, Read and Execute, List Folder Contents, Read, Write and Special Permission. Besides this, unlike Share permission, NTFS permission allows facility to allow/disallow inheritance of permissions of parent folder to files and folders within it. Also one interesting thing to know is that NTFS permissions are associated with the object, so the permissions are always connected with the object during a rename, move, or archive of the object. The same is not the case with Share Permission. The most restrictive permission applies when share and NTFS permissions conflict. The best practice is generally to provide Full Control to Authenticated Users as Share permission and then provide granular/restrictive permission to individuals or groups using NTFS permission. You can get more information about Share and NTFS permission over internet. These are just few of them: 1. http://www.zdnetasia.com/insight/software/0,39044822,39048326,00.htm 2. http://www.cramsession.com/articles/files/share-versus-ntfs-permiss-9162003-1702.asp 3. http://www.windowsecurity.com/articles/Share-Permissions.html -- Nikhil Wagholikar Information Security Analyst NII Consulting Web: www.niiconsulting.com On Dec 11, 2007 7:05 PM, Al Cooper <cooper () hmcnetworks com> wrote:
Hi All, In Windows, there are two places to set shared folder permissions in the Folder Property Box, on the Security Tab and on the Sharing Tab under permissions. What is the difference between these two? Which one has priority? Why are there two? I know this seems like a very basic question but I cannot find good documentation on this. Thanks for your help, -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
Current thread:
- Windows Sharing File Permissions Al Cooper (Dec 11)
- RE: Windows Sharing File Permissions wharfratjoe (Dec 12)
- Re: Windows Sharing File Permissions Nikhil Wagholikar (Dec 12)
- Re: Windows Sharing File Permissions Raoul Armfield (Dec 18)
- RE: Windows Sharing File Permissions Nick Vaernhoej (Dec 12)
- RE: Windows Sharing File Permissions Jesse Eaton (Dec 12)
- Re: Windows Sharing File Permissions Micheal Espinola Jr (Dec 12)
- RE: Windows Sharing File Permissions Marc Ouwerkerk (Dec 12)
- RE: Windows Sharing File Permissions Bill Lavalette (Dec 12)
- Re: Windows Sharing File Permissions Jason Ross (Dec 12)
- RE: Windows Sharing File Permissions Ackley, Alex (Dec 12)
- RE: Windows Sharing File Permissions Scalcione.David (Dec 12)
- <Possible follow-ups>
- Re: Windows Sharing File Permissions jean . debogue (Dec 12)