-
February 24th, 2006, 10:14 PM
#1
Windows Permissions Question
Hi there,
I'm probably being stupid but does anyone know the difference between the permissions for a "share" for directory A and the permissions set on a directory A in a Windows environment?
That is the permissions set in the "sharing" tab and the permissions in the "security" tab.
Thanks in advance for any ideas
-
February 24th, 2006, 10:22 PM
#2
I'm not sure there is a difference...
What symptoms are you experiencing?
Don\'t SYN us.... We\'ll SYN you.....
\"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides
-
February 24th, 2006, 10:25 PM
#3
Thanks for the fast reply.
I'm not having any direct problems. It was on a worksheet i had to do in an internet services admin module earlier today and it had some questions throughout to make you think, but i just could not work that one out. I asked the guy running it and he could not remember.
:S
As far as i can think if you let a user or a group have access to the directory on the server then all the "share" permissions can do is act as another filter that can allow remote only filtering of who can do what. But that is only a guess.
-
February 24th, 2006, 10:52 PM
#4
Anyone who knows please feel free to jump in and correct me...
It's an NTFS files system I'm assuming....
As such the persmissions and rights are set at the filesystem level... whether the folder is shared or unshared. You apply permissions based on "known" users, (yes, there's Anonymous etc.), but the permissions are based on the authentication granted by the local computer or the domain, (excluding Anon etc.), so they shouldn't differ...
That's my thoughts on the issue... I'm fairly sure I am right... But the first sentence applies...
Don\'t SYN us.... We\'ll SYN you.....
\"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides
-
February 25th, 2006, 12:35 AM
#5
Hi
I would say that these are two different access control mechanisms -
one for shared resources, one for the NTFS file system.
"You can control access to shared resources with a variety of methods.
You can use share permissions, which are simple to apply and manage.
Or, you can use access control on the NTFS file system, which provides
more detailed control of the shared resource and its contents."[1]
and most importantly:
"You can also use a combination of these methods. If you use a combination
of these methods, the more restrictive permission always applies"
So, I suggest you to play with it to get a feeling. Two typical scenarios:
a) Share is full access for Everyone; NTFS file system says: read only (except Administrator).
b) Share is read access for Everyone; NTFS file system says: full access for Everyone.
In both cases, connected as non-Administrator, you will be able to read only.
In anycase, I would prefer Scenario a): never trust share permission, set the
correct permissions on the file system.
Cheers
[1] http://technet2.microsoft.com/Window...29e5e1033.mspx
If the only tool you have is a hammer, you tend to see every problem as a nail.
(Abraham Maslow, Psychologist, 1908-70)
-
February 25th, 2006, 12:35 AM
#6
In a Windows network environment, the file and folder permissions (ACLs) are part of the file system (NTFS). In NTFS you can set permissions to a user or a group and it goes down to the file level and does not go up to the drive level. In the share permissions, this is a network access setting and provides another layer of access to the drive and folder level security. It doesn't go down to the file level, per se, but files inherit the share permissions of the parent folder (container).
How 'bout them apples?
-
February 25th, 2006, 12:39 AM
#7
You have to understand... I was talking about "per_s_missions" as oppsed to "permissions"... I hate typo's... LOL
Don\'t SYN us.... We\'ll SYN you.....
\"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|