Sometimes people want to allow users to create new items inside a given folder but not mess with the other things people have put there already. This can be done with Windows access control lists.
The trick is to give all users write privileges on the directory itself, but not apply that entry to subfolders and files. (Read permission to everyone can be granted on contents if desired.) Then, a full-power Allow entry for CREATOR OWNER can be added that applies to subfolders and files only, not the top folder. When a new object is created in the folder, its creator gains all privileges on that object only.
Based on my Super User answer.
No comments:
Post a Comment