Monday 5 November 2018

NTFS Permissions - deny delete does not work


Hopefully you guys will be able to help me out.


=========================


Scenario:



FolderA > FolderB



FolderA Permissions (no inheritance):


This Folder Only


Deny Delete


Allow everything else


Subfolders & Files


Allow everything


========================


With such configuration, I should be able to do everything into FolderA, but not delete or change the name of it, however is not working. I'm still able to delete and change the name of FolderA.


Thanks Heaps


Gabriel



Answer



You have to take into account that deleting/renaming a file is actually a write operation on the parent folder which is a special "file" that contains the list of children (files or subfolders). As such to prevent deleting a file, you need to remove the write permission on the parent folder.


see kb 308419 for an explanation:



The Delete permission allows or denies the user from deleting the file or folder. If you do not have a Delete permission on a file or folder, you can delete the file or folder if you are granted Delete Subfolders and Files permissions on the parent folder.



-

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Where does Skype save my contact's avatars in Linux?

I'm using Skype on Linux. Where can I find images cached by skype of my contact's avatars? Answer I wanted to get those Skype avat...