File and Folder Permissions
Applies To: Windows Server 2008
The following table lists the access limitations for each set of special NTFS permissions.
Special Permissions | Full Control | Modify | Read & Execute | List Folder Contents (folders only) | Read | Write |
---|---|---|---|---|---|---|
Traverse Folder/Execute File |
x |
x |
x |
x |
||
List Folder/Read Data |
x |
x |
x |
x |
x |
|
Read Attributes |
x |
x |
x |
x |
x |
|
Read Extended Attributes |
x |
x |
x |
x |
x |
|
Create Files/Write Data |
x |
x |
x |
|||
Create Folders/Append Data |
x |
x |
x |
|||
Write Attributes |
x |
x |
x |
|||
Write Extended Attributes |
x |
x |
x |
|||
Delete Subfolders and Files |
x |
|||||
Delete |
x |
x |
||||
Read Permissions |
x |
x |
x |
x |
x |
x |
Change Permissions |
x |
|||||
Take Ownership |
x |
|||||
Synchronize |
x |
x |
x |
x |
x |
x |
Important
Groups or users granted Full Control on a folder can delete any files in that folder regardless of the permissions protecting the file.
Note
Although List Folder Contents and Read & Execute appear to have the same special permissions, these permissions are inherited differently. List Folder Contents is inherited by folders but not files, and it should only appear when you view folder permissions. Read & Execute is inherited by both files and folders and is always present when you view file or folder permissions.
Note
In this version of Windows and Windows Server 2003, by default the Everyone group does not include the Anonymous group, so permissions applied to the Everyone group do not affect the Anonymous group.