FEEDBACK
EarthWeb sites
Crossnodes
Datamation
Developer.com
DICE
EarthWeb.com
EarthWeb Direct
EarthWeb Events
ERP Hub
Gamelan
GoCertify.com
HTMLGoodies
Intranet Journal
IT Knowledge
IT Library
JavaGoodies
JARS
JavaScripts.com
open source IT
Perl Journal
RoadCoders
SysOpt.com
Y2K Info
|
|
The complete list of permissions that can be assigned to files is shown in Table 4.1, and permissions for folders are given in Table 4.2. Because of the different uses of folders and files, there are two sets of standard permissions, as well as special sets of permissions to define more selective access. The folder permissions contain and display two sets of permissions; the first set refers to the folder access, and the second set refers to the file or subfolder permissions on objects contained within the folder.
Table 4.1 File permissions.
|
| Permission
| Description
|
|
| Standard File Access Permissions
|
| No Access (None)
| All access to the file is blocked, overriding all other permissions.
|
| Read (RX)
| Allows data to be viewed and executed if it is a program.
|
| Change (RWXD)
| Same access as Read, plus data may be modified or the file deleted.
|
| Full Control (All)
| Same access as Change, plus file permissions may be changed and ownership of the file taken.
|
| Special File Access Permissions
|
| Read (R)
| File may be opened and data viewed.
|
| Write (W)
| File data may be modified.
|
| Execute (X)
| Allows execution of program file.
|
| Delete (D)
| File may be deleted.
|
| Change Permissions (P)
| File access permissions may be changed.
|
| Take Ownership (O)
| Allows ownership of the file to be taken.
|
|
Table 4.2 Folder permissions.
|
| Permission
| Description
|
|
| Standard Folder Access Permissions
|
| No Access (None)(None)
| Blocks all access to the folder, overriding all other permissions.
|
| List (RX)(not specified)
| Allows listing of file names and moving to subfolders.
|
| Read (RX)(RX)
| The same as List, plus files may be viewed and executed.
|
| Add (WX)(not specified)
| Allows files to be added to the folder and subfolders created.
|
| Add & Read (RWX)(RX)
| The same as List, plus Add at folder level. Files may be viewed and executed.
|
| Change (RWXD)(RWXD)
| The same as Add & Read at folder level, plus folder may be deleted. Files may be viewed and executed. Files and subfolders may be modified and deleted.
|
| Full Control (All)(All)
| The same as Change, plus file and folder permissions may be changed, and ownership of folder and files may be taken.
|
| Special Folder Access Permissions
|
| Read (R)
| File and subfolder names may be listed.
|
| Write (W)
| Files and subfolders may be added to the folder.
|
| Execute (X)
| Moving to subfolder permitted.
|
| Delete (D)
| Folder may be deleted.
|
| Change Permission (P)
| Folder permissions may be changed.
|
| Take Ownership (O)
| Ownership of folder may be taken.
|
|
If a group or user has been granted Full Control permissions on a folder, any file contained in that folder may be deleted, regardless of the permissions assigned to the file.
Auditing
It is possible to enable auditing on NTFS volumes to allow selected events to be recorded in the security event log. The auditing can be used to either log possible security breaches or to provide an audit trail on which operations have been performed on the file system. Auditing can be enabled for failed operations, successful operations, or both at the file or folder level. Remember, file and folder auditing may only be implemented on NTFS volumes. Figure 4.13 shows the File Auditing screen.
Figure 4.13 The File Auditing screen.
Data Compression
Files and folders on NTFS volumes can be compressed by using the Windows NT Explorer. In fact, when NTFS volumes are formatted, the compression can be enabled at this point. Once a folder has been compressed, all files or subfolders copied to that folder are automatically compressed as well. However, when a file or folder is moved into a compressed folder on the same NTFS volume, the file or folder retains its compression state and isn’t automatically compressed. The actual compression is transparent to applications, both when the files or folders are being compressed and once the compression is completed.
Note: Compression can only be used with volumes that have a cluster size of 4 K or less. All compression options will be grayed out on volumes with larger cluster sizes due to performance issues when compressing data on these volumes.
The Windows NT Explorer
The Windows NT file system folders and files are viewed by using either the My Computer icon or the Windows NT Explorer. (As a Windows NT administrator, you will probably use the Windows NT Explorer to accomplish your system administrator tasks; it is the more direct method.) The Windows NT Explorer presents a vertically split window (shown in Figure 4.14). The left window is used to display disk drive icons, as well as folders and files. The right side displays the contents of the item that you clicked on the left.
Figure 4.14 The Windows NT Explorer.
Projects:
Practical Guide To Disk And File Administration
The following section provides real-life examples and step-by-step instructions on how to successfully administrate your file and disk subsystem. These examples make use of the graphical system-management tools; however, most functions do have a corresponding command-line tool that you can use instead. Accessing Help at the command prompt will provide you with more information on these command-line tools and their usage. After each change to the disk configuration, you will need to commit the changes and will be reminded to update your emergency repair disk to reflect your new configuration. The use of this disk configuration data is covered in more detail in Chapter 9.
|
)
)
){kind=link}
){kind=link}