[ Usenet FAQs | Web FAQs | Documents | RFC Index ]
Single Page
Top Document: comp.os.netware.security FAQ
Previous Document: 1.05 - What auditing functions does Accounting provide?
Next Document: 1.07 - What are groups?
-
Search the FAQ Archives
Single Page
Top Document: comp.os.netware.security FAQ
Previous Document: 1.05 - What auditing functions does Accounting provide?
Next Document: 1.07 - What are groups?
1.06 - What are trustees and trustee rights?
A trustee is any user or group that has been granted access rights
in a directory.
The access rights in Novell NetWare 2 are slightly different from
the ones in NetWare 3.
The following is a summary of access rights for NetWare 3.
S - Supervisory. Any user with supervisory rights in a directory
will automatically inherit all other rights, regardless of
whether they have been explicitly granted or not. Supervisor
equivalent accounts will hold this access right in every
directory.
R - Read. Enables users to read files.
C - Create. Enables users to create files and directories. Unless
they also have write access, they will not be able to edit
files which have been created.
W - Write. Enables users to make changes to files. Unless they also
have create access, they may not be able to edit files, since
the write operation can only be used to extend files (not
truncate them, which file editors need to do).
E - Erase. Enable users to erase files and remove directories.
M - Modify. Enable users to modify file attributes.
F - File scan. Enables users to see file and directory information.
If a user does not have file scan rights, they will not see any
evidence of such files existing.
A - Access control. Enable user to change trustee rights. They
will be able to add other users as trustees, remove trustees,
and grant/revoke specific rights from users. The only caveat
of access control is that it is possible for users to remove
themselves (as trustees) from directories, thus losing all
access control.
In addition to trustees and access rights, there is a concept of
inherited rights which means that users inherit rights from parent
directories. For example, if user ALICE has rights [CWEM] in a
directory, and she has [RF] rights in the parent directory then
she will have [RCWEMF] rights as a result of the inherited rights.
This will only work if one of the rights that ALICE has in the two
directories is granted to a group; if both are granted to her, she
will lose the rights of the parent.
Top Document: comp.os.netware.security FAQ
Previous Document: 1.05 - What auditing functions does Accounting provide?
Next Document: 1.07 - What are groups?
Single Page
[ Usenet FAQs | Web FAQs | Documents | RFC Index ]
Send corrections/additions to the FAQ Maintainer:
F.U.Mirza@sheffield.ac.uk (Fauzan Mirza)
Last Update October 22 2009 @ 05:29 AM