WIndows文件访问控制

发布于 2024-10-11 20:47:29 字数 294 浏览 4 评论 0原文

我在 Windows 2003 NTFS 文件系统上有一个文件。它称为 C:\MyFolder\MyFile.txt。首先授予用户对该文件的读取权限。然后我删除用户对父文件夹的读取权限。

现在,用户无法使用Windows资源管理器浏览该文件夹并双击在记事本中打开。用户可以转到“开始”(菜单)“运行”并输入“C:\MyFolder\MyFile.txt”,该文件将在记事本中加载。

有人可以向我指出一些 MSDN 文档来解释这是为什么吗?我已经尝试了所有我能想到的谷歌和必应查询。

非常感谢

I have a file on a Windows 2003 NTFS file system. It is called C:\MyFolder\MyFile.txt. First grant a user read access to the file. Then I remove the user's read access to the parent folder.

Now the user cannot use Windows Explorer to browse the folder and double click to open in Notepad. The user can go to Start (menu) Run and enter "C:\MyFolder\MyFile.txt" and the file will load in Notepad.

Can someone point me to some MSDN documentation that explains why this is? I've tried all the google and bing queries I can think of.

thanks much

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(2

指尖凝香 2024-10-18 20:47:29

请参阅本页表格中的“遍历文件夹”权限:

http://technet.microsoft.com/en-us/library/cc787794(WS.10).aspx

See the 'Traverse Folder' permission in the table on this page:

http://technet.microsoft.com/en-us/library/cc787794(WS.10).aspx

青巷忧颜 2024-10-18 20:47:29

对我来说,这听起来更像是一篇 TechNet 文章,而不是 MSDN 文章。

如果您将目录/文件夹视为不是文件柜文件夹,而是粘贴在文件柜前面的索引卡,用于说明文件柜中的内容。这实际上就是文件系统上的文件夹(文件所在位置的索引)。

因为您拒绝了用户对文件夹中内容的权限,所以您也拒绝了他们访问索引卡。但是,如果他们知道他们想要的确切文件,那么他们仍然可以访问他们有权访问的文件,因为这不需要检查索引卡。

在幕后,它显然要复杂一些,但这是基本视图。当我在大学时,我看到这种技术在 *nix 环境中被大量使用,以向当前批次的学生隐藏前几年的作业。然而,由于他们没有删除某些文件的权限,导师仍然可以引导他们查看前几年的特定示例。

It sounds more like a TechNet article than an MSDN one to me.

If you think about a directory/folder as not a file cabinet folder but rather a index card stuck to the front of the cabinet to say what is in the cabinet. This is effectively what a folder is on the file system (a index to where the files are.)

Because you have denied the user rights to what is in the folder you have denied them access to the index card. However, if they know the precise file they want then they can still access to the file which they have permissions for as this doesn't require a check on the index card.

Behind the scenes it is obviously a little more complicated but that is the basic view. I saw this technique used quite a bit on the *nix environments when I was at Uni to hide previous years assignments from the current batch of students. However, because they hadn't removed permissions from some files the tutors could still direct them to specific examples from previous years.

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文