Hi guys! Nice forum!

I need some clarification on NTFS permission settings.

If I check "Allow" for the "Modifiy" permission template for "User X" on folder "Parent", this means Mr.X will get the "Delete" permission, but not the "Delete Subfolders and Files" permission (at least that's what it says in the windows help). Assuming permission inheritance is allowed (as it is by default) "User X" would thus have permission to delete a file located in, for example, "Parent/Subfolder/".

My point is that the "Delete" permission would propagate to the subfolders and files of "Parent" causing (even if the "Delete Subfolders and Files" permission is not granted by the "Modify" template) "User X" to be able to delete subfolders and files.

Is this sound reasoning or is there something that would prevent "User X" from deleting subfolders or files?

Thanks a lot!



Well that is correct to some extent. Yes, a propogated permission, allowing "User X" to delete a parent folder, would by nature delete the contents of the folder, the sub-folders and files.

If for some reason, one of the sub-folders did not allow "User X" modify permissions, (because this has been explicitly set), then "User X" would not be able to delete the parent folder.

Windows would delete all sub-folders and files, until it got to this folder, and stop, giving an "access is denied" error, and would leave the parent containing this folder, and any other files / folders it hadn't got around to.

Thanks Marty!

Let me refine my question. In the situation I have described above, if User X attempts to delete only a subfolder of the "parent" folder, as opposed to deleting the whole "parent" folder AND it's subfolders, would he be allowed to do it? My reasoning is that he would because the subfolder has inherited the modify permission for User X.


Thanks again!

Ah, sry.

Yes, I agree with you, that would be correct.