Ensuring the Security of Files

Among the most powerful security features of Windows XP and Windows 2000 are those that enable you to restrict access to files and folders, both on the local computer and across network shares. In this section, we look at the sometimes confusing mechanisms you need to master to take advantage of these features.

Using NTFS Permissions

For every object stored on a volume formatted with the NTFS file system, Windows maintains an access control list (ACL). As its name implies, this list defines which users are allowed access to that object—typically a file or folder—and which users are denied access. Individual items in the ACL are called access control entries (ACEs) and are made up of the following information:

The SID ...

Get Microsoft® Windows® XP Networking and Security Inside Out: Also Covers Windows 2000 now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Microsoft® Windows® XP Networking and Security Inside Out: Also Covers Windows 2000 by Ed Bott, Carl Siechert

Ensuring the Security of Files

Using NTFS Permissions

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly