NTFS Security

NTFS Folder Permissions

Read – Allows a user to see the files and subfolders in a folder, and to view folder properties.

Write – Allows a user to create new files and folders within the folder, change folder attributes and view folder properties.

List Folder Contents – Allows a user to view the contents of the folder.

Read and Execute – Allows a user to read the contents of a folder and Traverse Folders.

Modify – Allows a user to delete and modify the contents of a folder, and enables Read/Execute and Write permissions.

Full Control – Allows a user to modify permissions and to take ownership.

NTFS File Permissions

Read – Allows a user to read a file and view its properties.

Write – Allows a user to overwrite a file, change attributes, and view ownership and permissions.

Read and Execute – Allows a user the right to run applications and read a file.

Modify – Allows a user to modify and delete a file and also allows Read/Execute and Write Permissions.

Full Control – Gives the user full-control over a file, allowing the user to modify permissions and take ownership.

Permission Inheritance

By default all files and folders inherit permissions from their parent. If Read Permission is allowed to the parent folder, all child files and folders below it will also be given Read Permission. This is known as Permission Inheritance.

Windows also allows you to block Permission Inheritance, and assign permissions to files and folders individually.