Re: User rights.
From: Rob (rpayne1@cogeco.ca)
Date: 05/22/02
- Next message: balerno: "Downloaded Program Files"
- Previous message: JT Garin: "Re: Nero HD BackUP.."
- In reply to: Roger Abell: "Re: User rights."
- Next in thread: Roger Abell: "Re: User rights."
- Reply: Roger Abell: "Re: User rights."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Rob" <rpayne1@cogeco.ca> Date: Wed, 22 May 2002 08:12:02 -0700
> An account has for permissions and rights the sum of
> all permissions and rights granted to any and all groups
> of which the account is a member, minus all rights and
> permissions that are denied to it.
>From this I think I can infer that I am a member of both the administrator
group as well as the user group and as such denying delete rights to the
user group denies this right to me also ?
> I am an administrator and should have cart blanch on the system. I should
be able to delete files at will.
So no, carte blanch for Administrators is not included - but the door key,
of
> always being able to take ownership, is.
I understand there are some directories on the system that even I can't do
anything with. These would include system critical files and directories. I
also understand the need for this type of protection in most cases.
> In your situation you might consider defining a custom
> group, ControlledUsers or whatever you wish, and placing
> those accounts as members of it. Then, use this group to
> deny (i.e. override any grant of) write in areas, or to grant
> modify in others.
So therefore the assumption I made was correct in that I do need to create a
new group and include my Son and my Wife only in it. does this also mean
that I can't assign rights on a user level as I can in other multi user
systems that I will not mention here "Novell or UNIX.... oops". Can I assign
rights on a file level also ?
Keep in mind that modify includes delete.
> (renaming in a sense creates the new and deletes the old)
>
> For the directory control you mentioned for one area, the
> modify/delete contention is handled by granting write (but
> not modify) which enables creation, and also granting a
> modify to the Creator Owner built-in .
>
Thank you for the information Roger it would seem you are the only one
'Brave' enough to answer the questions I put forth I will do as you have
stated and play with it a bit. other systems I have used define modify as
something a bit different than what you stated. ie modify is more of an
append rather than a recreation of the file as you seem to have implied.
> --
> Roger Abell
> MVP (Windows Platform) Associate Expert
> The Expert Zone - www.microsoft.com/windowsxp/expertzone
>
- Next message: balerno: "Downloaded Program Files"
- Previous message: JT Garin: "Re: Nero HD BackUP.."
- In reply to: Roger Abell: "Re: User rights."
- Next in thread: Roger Abell: "Re: User rights."
- Reply: Roger Abell: "Re: User rights."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
