I am new to sharepoint, but if you have a document that you want to allow a user to upload to a SP site - but once uploaded only offer the document as a read-only to everyone except the original "uploader" (who can modify if they want).
1) Can you elaborate where you set the files access control list, and can this type of setup be achieved? And can anyone show a screenshot of how the access control list to the file looks, i.e. where you can demonstrate who can access, edit, modify etc, to satisfy auditors?
2) And also how can you see revision history of that document, i.e. any amendments made, can you show a screenshot of how and where you can see the actual audit logs for amendments made to the document, to also satisfy auditors.
3) where do sharepoint documents "go", i.e. are they sat on say a file share on the sharepoint server, or do they go into an actual MSSQL DB? If they go on a file share, would the NTFS permissions mirror the sharepoint permissions for the file?
I am doing this blind, as I don't currently have access to a sharepoint site to demonstrate this, but I am pretty sure it can be done.