|
Traverse Folder/Execute |
File Traverse Folder allows or
denies moving through folders to
reach other files or folders,
even if the user has no
permissions for the traversed
folders (applies to folders
only). Traverse folder takes
effect only when the group or
user is not granted the Bypass
traverse checking user right in
the Group Policy snap-in. (By
default, the Everyone group is
given the Bypass traverse
checking user right.) Execute
File allows or denies running
program files (applies to files
only).
|
|
List Folder/Read Data |
List Folder allows or denies
viewing file names and subfolder
names within the folder (applies
to folders only). Read Data
allows or denies viewing data in
files (applies to files only).
|
|
Read Attributes |
Allows or denies viewing the
attributes of a file or folder,
such as read-only and hidden.
Attributes are defined by NTFS.
|
|
Read Extended Attributes |
Allows or denies viewing the
extended attributes of a file or
folder. Extended attributes are
defined by programs and may vary
by program.
|
|
Create Files/Write Data |
Create Files allows or denies
creating files within the folder
(applies to folders only). Write
Data allows or denies making
changes to the file and
overwriting existing content
(applies to files only).
|
|
Create Folders/Append Data |
Create Folders allows or denies
creating folders within the
folder (applies to folders
only). Append Data allows or
denies making changes to the end
of the file but not changing,
deleting, or overwriting
existing data (applies to files
only).
|
|
Write Attributes |
Allows or denies changing the
attributes of a file or folder,
such as read-only or hidden.
Attributes are defined by NTFS.
|
|
Write Extended Attributes |
Allows or denies changing the
extended attributes of a file or
folder. Extended attributes are
defined by programs and may vary
by program.
|
|
Delete Subfolders and Files |
Allows or denies deleting
subfolders and files, even if
the Delete permission has not
been granted on the subfolder or
file.
|
|
Delete |
Allows or denies deleting the
file or folder. If you don't
have Delete permission on a file
or folder, you can still delete
it if you have been granted
Delete Subfolders and Files on
the parent folder.
|
|
Read Permissions |
Allows or denies reading
permissions of the file or
folder, such as Full Control,
Read, and Write.
|
|
Change Permissions |
Allows or denies changing
permissions of the file or
folder, such as Full Control,
Read, and Write.
|
|
Take Ownership |
Allows or denies taking
ownership of the file or folder.
The owner of a file or folder
can always change permissions on
it, regardless of any existing
permissions that protect the
file or folder.
|
|
Synchronize |
Allows or denies different
threads to wait on the handle
for the file or folder and
synchronize with another thread
that may signal it. This
permission applies only to
multithreaded, multiprocess
programs.
|
