Reading the access attributes of directories in Windows

[Nobody]

On Fri, 20 Aug 2010 00:04:29 +0200, Thomas Jollans wrote:

> This brings up an interesting, but probably quite complicated question: is it 
> reasonable to try to express Windows permissions using full POSIX ACLs

> Do Windows NT permissions do anything more? Or, apart from the
> "executable" bit, anything less, for that matter?

1. There are far more permission types than just "rwx". Specifically:

For files:

Execute File
Read Data
Write Data
Append Data

For folders:

Traverse Folder
List Folder
Create Files
Create Folders
Delete Subfolders and Files

For both:

Full Control
Read Attributes
Read Extended Attributes
Write Attributes
Write Extended Attributes
Delete
Read Permissions
Change Permissions
Take Ownership

Note that files/folders have a distinct "Delete" permission, as well as
the "Delete Subfolders and Files" permission on the parent folder.

Unix lacks the "Append Data" permission for files, and the "Create Files",
"Create Folders" and "Delete Subfolders and Files" correspond to having
write permission on a directory.

On Unix, you can read permissions (and attributes if the filesystem has
them) for any file which you can "reach" (i.e. have "x" permission on all
ancestor directories). You can only change permissions (and some
attributes) if you own the file, and only root can change ownership (and
change some attributes).

2. Permissions can be inherited from the "parent object" (which isn't
necessarily the parent folder). If you change a permission on the parent
object, it automatically affects any file or folder which inherits the
permission.

3. The owner can be either a user or a group.

4. On Windows, a file cannot be "given away" either by its owner or an
administrator. You can grant the "Take Ownership" permission, but
the recipient still has to explicitly change the ownership.