NTFS Special Permissions

Windows also has a another set of permissions known as special permissions which are very focused permissions that make up standard permissions. To view or change these permissions, follow these steps.

1) Open the Access Control List (ACL) editor by right clicking the object (file or folder) and select "Properties" from the context menu. Open the security tab.

Access Control List ACL Editor

2) Click the "Advanced" button.

Access Control List ACL editor Advanced View

3) Select the user or group, and then click the "Edit" button.

Access Control List ACL Editor Special Permissions

The NTFS special permissions are explained in detail below.



Traverse Folder/Execute File

Traverse Folder allows to access a folder nested within a tree even if parent folders in that tree deny a user access to the contents of those folders. Execute File allows to run a program.

List Folder/Read Data

List Folder allows to see objects (files and folders) inside a folder. Read Data allows to open and view a file

Read Attributes

Allows to view basic attributes of an object (read-only, system, archive, and hidden)

Read Extended Attributes

Allows to view the extended attributes of an object. For example, summary, author, title, and so on for a Word document. These attributes will vary from program to program.

Create Files/Write Data

Create Files allows to create new objects within a folder; Write Data allows to overwrite an existing file

Create Folders/Append Data

Create Folders allows to nest folders. Append Data allows to add data to an existing file, but not delete data within that file or delete the file itself

Write Attributes

Allows to change the basic attributes of a file

Write Extended Attributes

Allows to change the extended attributes of a file

Delete Subfolders and Files

Allows to delete the contents of a folder regardless of whether any individual file or folder within the folder in question explicitly grants or denies the Delete permission


Allows to delete a single file or folder

Read Permissions

Allows to view NTFS permissions on an object, but not to change them

Change Permissions

Allows to both view and change NTFS permissions on an object

Take Ownership

Allows to take ownership of a file or folder. Owner can change permissions on an object. By default this permission is granted to administrator-level users.

Related Tutorials