Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 279
  • Last Modified:

Privilege precedence

I have a top level directory in which I assign a certain group to have only read privileges. In a sub-directory inside that directory I have a folder where I assign a user to have full privileges to write files to it. That user is a member of the group that has only read privileges. Is there a conflict created in the sub-directory where I assigned the user to have full rights? Which get the precedence? The group privileges  or the user privileges ?
0
CodeParadise
Asked:
CodeParadise
2 Solutions
 
Guy Hengel [angelIII / a3]Billing EngineerCommented:
privileges are given to a folder, and can be given to all the children explicitely or implicitely.
you have to check if the permissions on the child folder are "inherited" or not, ie if they take the inherited permissions or not.

now, granted privileges will accumulate, so if the users has no permissions itself, but the group he is part of has full control, the user has full control.
if the group has no permissions, but the user was granted full control, he will keep full control

only if at some point there is a deny, that overrides any granted permissions
0
 
Donnie4572Commented:
Permissions are accumaltive.

Example:
If I am a member af group1, group2, and group3
Group1 = read
Group2 = modify
Group3 = Full Control

My effective permission is Full Control. No conflict with this design.

Lets suppose that I am a member of Group4 which has been assigned the deny permission.
My effective permission is denied because deny always overides all allow permissions for that resource.
0
 
CodeParadiseAuthor Commented:
Thanks angelIII  and Donnie4572!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now