NTFS Permissions

NTFS provide detailed control of access to files and folders. File or Folder access permissions are stored as access control entries (ACEs) on an Access Control List (ACL) kept in the security descriptor of each resource. When an attempt is made by a ueser to access a file or a folder, the user’s security access token, which contains the Security Identifiers (SIDs) of the user’s account and group accounts, is compared to the SIDs in the ACEs of the ACL.

Windows supports two different views of permissions: standard permissions and special permissions. Standard permissions are often sufficient to be applied to files and folders on a disk, whereas special permissions break standard permissions down into finer combinations and enable more control over who is allowed to do what functions to files and folders (objects) on a disk.

We can configue NTFS permissions using Windows Explorer. To open the Access Control List (ACL) editor, right click the object and select "Properties" from the context menu. Open the security tab.

Access Control List ACL Editor

Related Tutorials