File and folder permissions are used in Windows to secure data and prevent unauthorized access to that data by people who are not supposed to have access to it. Other operating systems besides Windows such as Linux and Mac OS use file and folder permissions as well to secure their files.
A file system is used by an operating system such as Windows to track and logically organize files for storage and retrieval. Most file systems use some sort of a tree structure to organize folders making it easy for people to find. File systems also set standards for naming conventions for naming files such as the maximum characters in a file name and how extension works such as .doc for Microsoft Word files.
The following list describes Windows NTFS (New Technology File System) and how permissions affect what a user can and cannot do to a file or folder. NTFS is more advanced than the FAT file system used by the earlier Windows operating systems. It supports file system recovery, extremely large storage media, long filenames, improved security and the ability to reconstruct files in the event of hardware failures.
Here are the standard permissions:
Read – Allows a user to view the contents of a folder, of the contents of a file. The user cannot view the contents of subfolders.
Write – Allows a user create files and folders, but not read the contents of any files and folders he did not create.
Modify – A full combination of both Read and Write permissions. A user can also delete files within a folder that has this permission. She can also view the contents of subfolders.
Read & Execute – The Read permission with the ability to read file and folder permissions, along with the contents of subfolders.
List Folder Contents – The same as Read & Execute, without the ability to execute files.
Full Control – Allows a user to read, execute, create, and delete data, along with the added ability to assign other user accounts permissions to the object.
Here are the basic share permissions that are used along with NTFS permissions. While share permissions are not as detailed as NTFS permissions, they allow you to configure a shared folder for fundamental access scenarios.
Users can display folder names, file names, file data and attributes. Users can also run program files and access other folders within the shared folder.
Users can create folders, add files to folders, change data in files, append data to files, change file attributes, delete folders and files, and perform actions permitted by the Read permission.
Users can change file permissions, take ownership of files, and perform all tasks allowed by the Change permission.