November 2000
Intermediate to advanced
216 pages
6h 3m
English
Content preview from Securing Windows NT/2000 Servers for the Internet
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
Setting Permissions
Setting permissions on operating system objects such as files, directories, and registry keys provides a fine-grained access control mechanism. In Windows NT, access to objects is controlled by Discretionary Access Control Lists (DACLs). Each object in the operating system includes a DACL. Consider Example 2.2.
Example 2-2. A Sample DACL
stevesk: No Access Administrators: Write, Execute Users: Read
The DACL shown in Example 2.2 grants any member of the Administrators group Write and Execute permission. Members of the Users group have Read access. Permissions are cumulative. If a user is a member of both Users and Administrators, his effective access will be Read, Write, and Execute (the combined permissions of his user and the groups of which he’s a member). The user stevesk’s effective permission is “No Access,” regardless of which groups of which he is a member. This is because No Access overrides all other permissions.
Setting File-Level Permissions
The Windows NT File System (NTFS) supports the permissions shown in Table 2.9.
Table 2-9. The NTFS Permissions
|
NTFS Permission |
File |
Folder |
|---|---|---|
|
Read (R) |
Display the contents of a file and other data such as the owner and permissions. |
Display the contents of a folder and other data such as the owner and permissions. |
|
Write (W) |
Modify the file. |
Add files and folders to the folder. |
|
Execute (X) |
Run the file, if it’s an executable. |
Make changes to folders within the folder. |
|
Delete (D) |
Delete the file. |
Delete ... |
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.