IT Baseline Protection Manual - The Information Warfare Site
19.12.2012 Views
Share Embed Flag

IT Baseline Protection Manual - The Information Warfare Site

IT Baseline Protection Manual - The Information Warfare Site

IT Baseline Protection Manual - The Information Warfare Site

SHOW MORE
SHOW LESS
ePAPER READ
DOWNLOAD ePAPER
iwar.org.uk

You also want an ePaper? Increase the reach of your titles

YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.

START NOW

Safeguard Catalogue - Hardware & Software Remarks<br />

____________________________________________________________________ .........................................<br />

NTFS permissions initially become effective during local access. For<br />

example, if several users need to work on a computer, file and directory access<br />

rights can be granted appropriately to ensure that each user only has access to<br />

the data intended for him/her.<br />

NTFS permissions also become effective during access via the network.<br />

However, a prerequisite for access via a network is that the directory which<br />

needs to be accessed or which contains the required subdirectory or file must<br />

be shared and assigned a corresponding share permission beforehand (refer to<br />

S 2.94 Sharing of directories under Windows NT). During the interplay<br />

between share permissions and NTFS permissions, it must be noted that the<br />

more restrictive permission is conclusive in each case. NTFS permissions can<br />

be graded more finely than share permissions. In particular, it is possible to<br />

assign separate NTFS permissions for each subdirectory and file.<br />

Consequently, it is also possible to assign shares with the "full access" share<br />

permission for the user groups and domain users, and allocate the effective<br />

access rights via the NTFS permissions.<br />

NTFS permissions are classified as specific (or individual) permissions or<br />

predefined, standard permissions which constitute combinations of the<br />

specific access permissions.<br />

<strong>The</strong> following individual permissions are possible:<br />

R Read<br />

W Write<br />

X Execute<br />

D Delete<br />

P Change permissions<br />

O Transfer ownership<br />

From these individual permissions, default standard permissions have been<br />

combined under Windows NT.<br />

Standard permission Individual permissions<br />

No access –<br />

Read RX<br />

Change RWXD<br />

List RX<br />

Add WX<br />

Add and read RWX<br />

Full access RWXDPO<br />

Every owner of a file or directory has the right to grant and withdraw<br />

permissions for that file or directory. Every user who creates a file or directory<br />

automatically assumes ownership of this resource. Ownership of a file or<br />

directory can be transferred by means of the "Transfer ownership" option (O)<br />

to other users. However, this ownership only becomes effective once it has<br />

actually been obtained by the recipient. In contrast to other operating systems,<br />

____________________________________________________________________ .........................................<br />

<strong>IT</strong>-<strong>Baseline</strong> <strong>Protection</strong> <strong>Manual</strong>: Oktober 2000

logo

products

Resources

Company

Terms of service
Privacy policy
Cookie policy
Cookie settings
Imprint
Change language
Made with love in Switzerland
© 2024 Yumpu.com all rights reserved

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!