Join Log in
Score:-5
Colin Jack avatar Server

NTFS file owner is able to delete a file with read permission

ve flag
Colin Jack

I have a file on NTFS partition, and I'm the owner of this file .

I have the read permission only on this file and no other permissions are set.

I tried to delete the file thinking it will show "Access is Denied " message ,but i was able to delete the file !

I created a folder and tried the same ,but I was not able to delete it !

how is that possible to delete a file with read permission only ? is it because I'm the owner or using administrator account?

if so , why the same rule don't apply on folders ?

Here is a .gif image to show you what I mean: enter image description here

Regards

66
0 + 0
Colin Jack avatar
ve flag
Colin Jack
Please Instead of giving negative feedback , ask me in the comments if there was anything unclear
0
Reply
djdomi avatar
za flag
djdomi
xp is EOL so offtopic on serverfault.com
1
Reply
Colin Jack avatar
ve flag
Colin Jack
I know , but people need to learn and the same rule apply to newer Operating Systems , all I saw was negative opinion about this topic , sorry for asking and the Moderator can delete my question
0
Reply
Score:4
avatar Server
dz flag
Don Zoomik

In NTFS, owner implicitly and effectively (you can write DACL, granting yourself any permission) has full permissions on files (IIRC folders as well), despite DACL entries. Reference

Workaround is to use special SID in DACL: S-1-3-4 "Owner Rights"

It replaces implicit permissions with explicit ones defined by you.

0 + 0
Colin Jack avatar
ve flag
Colin Jack
Thanks a lot for the reply , Forgive my poor knowledge the owner can assign himself any permission ,but in my case why other permissions like modify the contents of the file don't apply ? only the read (to view the contents of the file ) which explicitly defined and delete (to delete the file itself - implicitly defined ) would apply ? and why the same scenario won't apply to folders and files and subfolders that are contained within ?
0
Reply
Colin Jack avatar
ve flag
Colin Jack
I Uploaded a gif image in the question above , please take a look for better understanding and thanks in advanced .
0
Reply
dz flag
Don Zoomik
Your GIF is on XP. On Windows 10 I get access denied on CLI and UAC/admin prompt for GUI. THB, I would think that this could be a small behavioral change between OS versions, or Explorer does some silent ACL fixup in the background. I have some faint (possibly false) memory that Owner used to mean something different a long ago but can't find any reference to that, it has probably long since been removed from online documentation. Maybe I'll spin up a an ancient VM later to try it out myself later.
1
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.