CompTIA A_ Certification All-In-One Exam Guide, Seventh Edition - Michael Meyers [269]
* * *
NOTE Windows versions for home use have only a limited set of permissions you can assign. As far as folder permissions go, you can assign only one: Make This Folder Private. To see this in action, right-click a file or folder and select Sharing and Security from the options. Note that you can’t just select the properties and see a Security tab as you can in the professional-oriented versions of Windows. Windows Home versions do not have file-level permissions.
Permission Propagation
Permissions present an interesting challenge when you’re moving and copying files. Techs need to understand what happens to permissions in several circumstances:
Copying data within one NTFS-based partition
Moving data within one NTFS-based partition
Copying data between two NTFS-based partitions
Moving data between two NTFS-based partitions
Copying data from an NTFS-based partition to a FAT- or FAT32-based partition
Moving data from an NTFS-based partition to a FAT- or FAT32-based partition
Do the permissions stay as they were on the original resource? Do they change to something else? Microsoft would describe the questions as such: Do inheritable permissions propagate? Ugh. CompTIA describes the process with the term permission propagation, which I take to mean “what happens to permissions on an object when you move or copy that object.”
If you look at the bottom of the Security tab in Windows 2000, you’ll see a little check box that says Allow Inheritable Permissions from Parent to Propagate to This Object. In other words, any files or subfolders created in this folder get the same permissions for the same users/groups that the folder has, a feature called inheritance. Deselecting this option enables you to stop users from getting a specific permission via inheritance. Windows XP and Windows Vista have the same feature, only it’s accessed through the Advanced button in the Security tab. Windows also provides explicit Deny functions for each option (Figure 16-27). Deny overrules inheritance.
* * *
EXAM TIP Don’t panic about memorizing special permissions; just appreciate that they exist and that the permissions you see in the Security tab cover the vast majority of our needs.
Let’s look at our list of six things techs need to know to see what happens when you copy or move an object, such as a file or folder.
1. Copying within a partition creates two copies of the object. The object in the original location retains its permissions, unchanged. The copy of the object in the new location inherits the permissions from that new location. So the new copy can have different permissions than the original.
2. Moving within a partition creates one copy of the object. That object retains its permissions, unchanged.
3. Copying from one NTFS partition to another creates two copies of the object. The object in the original location retains its permissions, unchanged. The copy of the object in the new location inherits the permissions from that new location. So the new copy can have different permissions than the original.
Figure 16-27 Special permissions
4. Moving from one NTFS partition to another creates one copy of the object. The object in the new location inherits the permissions from that new location. So the newly moved file can have different permissions than the original.
5. Copying from an NTFS-based partition to a FAT- or FAT32-based partition creates two copies of the object. The object in the original location retains its permissions, unchanged. The copy of the object in the new location has no permissions at all.
6. Moving from an NTFS-based partition to a FAT- or FAT32-based partition creates one copy of the object. That object has no permissions at all.
From a tech’s standpoint, you simply need to be aware of how permissions can change when you move or copy files and, if in doubt about a sensitive file, check it before you sign off to a client. Having a top secret document totally locked down on a hard drive doesn’t do you a lot of good if you put that document