Search the FAQ Archives

3 - A - B - C - D - E - F - G - H - I - J - K - L - M
N - O - P - Q - R - S - T - U - V - W - X - Y - Z
faqs.org - Internet FAQ Archives

comp.os.netware.security FAQ
Section - 1.06 - What are trustees and trustee rights?

( Single Page )
[ Usenet FAQs | Web FAQs | Documents | RFC Index | Forum ]


Top Document: comp.os.netware.security FAQ
Previous Document: 1.05 - What auditing functions does Accounting provide?
Next Document: 1.07 - What are groups?
See reader questions & answers on this topic! - Help others by sharing your knowledge

    A trustee is any user or group that has been granted access rights
    in a directory.
    
    The access rights in Novell NetWare 2 are slightly different from
    the ones in NetWare 3.

    The following is a summary of access rights for NetWare 3.

    S - Supervisory. Any user with supervisory rights in a directory
	will automatically inherit all other rights, regardless of
	whether they have been explicitly granted or not. Supervisor
	equivalent accounts will hold this access right in every
	directory.

    R - Read. Enables users to read files.
    
    C - Create. Enables users to create files and directories. Unless
	they also have write access, they will not be able to edit
	files which have been created.
    
    W - Write. Enables users to make changes to files. Unless they also
	have create access, they may not be able to edit files, since
	the write operation can only be used to extend files (not
	truncate them, which file editors need to do).
    
    E - Erase. Enable users to erase files and remove directories.
    
    M - Modify. Enable users to modify file attributes.
    
    F - File scan. Enables users to see file and directory information.
	If a user does not have file scan rights, they will not see any
	evidence of such files existing.
    
    A - Access control. Enable user to change trustee rights. They
	will be able to add other users as trustees, remove trustees,
	and grant/revoke specific rights from users. The only caveat
	of access control is that it is possible for users to remove
	themselves (as trustees) from directories, thus losing all
	access control.

    In addition to trustees and access rights, there is a concept of
    inherited rights which means that users inherit rights from parent
    directories. For example, if user ALICE has rights [CWEM] in a
    directory, and she has [RF] rights in the parent directory then
    she will have [RCWEMF] rights as a result of the inherited rights.
    This will only work if one of the rights that ALICE has in the two
    directories is granted to a group; if both are granted to her, she
    will lose the rights of the parent.

User Contributions:

Comment about this article, ask questions, or add new information about this topic:



Top Document: comp.os.netware.security FAQ
Previous Document: 1.05 - What auditing functions does Accounting provide?
Next Document: 1.07 - What are groups?

Single Page

[ Usenet FAQs | Web FAQs | Documents | RFC Index ]

Send corrections/additions to the FAQ Maintainer:
F.U.Mirza@sheffield.ac.uk (Fauzan Mirza)




Last Update March 27 2014 @ 02:11 PM