Directories |
- Read the contents of a directory. If you
do not select this permission, mode bits are used to determine
read access. To read the contents of a directory that is tagged
with this security policy, the user must also have read
permissions on the volume, the parent directory (if any), and
the file.
- Lookup or list the contents in a
directory. If you do not select this permission, mode bits are
used to determine lookup access. To lookup a file of directory
that is tagged with this security policy, the user must also
have read permissions on the volume and the lookup permission on
the directory.
- List the contents of a directory. If you
do not select this permission, mode bits are used to determine
directorylist access. To list the
contents of a directory that is tagged with this security
policy, the user must also have read permissions on the volume,
and lookup permission on all directories in the path (if
any).
- Add a file or subdirectory. If you do not
select this permission, mode bits are used to determine
permissions to create files or subdirectories. To add a child to
a directory that is tagged with this security policy, the user
must also have write permissions on the volume and the parent
directory, add child permission on the parent directory, and
read and execute permissions on all directories in the
path.
- Delete a file or subdirectory. If you do
not select this permission, mode bits are used to determine
permissions to create files and/or subdirectories. To delete a
child of a directory that is tagged with this security policy,
the user must also have write permissions on the volume and
delete child permission on the parent directory, and lookup
permissions on all directories in the path.
For more information, see Managing File and Directory ACEs. |
Files |
- Read a file. If you do not select this
permission, mode bits are used to determine read access to file.
To read a file that is tagged with this security policy, the
user must also have read permissions on the volume, and lookup
permission on all directories in path.
- Write to a file. If you do not select
this permission, mode bits are used to determine read access to
the file. To write to a file that is tagged with this security
policy, the user must also have write permissions on the volume,
and lookup permission on all directories in the path.
- Execute a file. If you do not select this
permission, mode bits are used to determine execute access to
the file. To execute a file that is tagged with this security
policy, the user must also have read permissions on the volume,
and lookup permission on all directories in the path.
For more information, see Managing File and Directory ACEs. |