Windows access is default-deny.
Windows folder permissions:
- Read — Permits viewing and listing of files and subfolders
- Write — Permits adding of files and subfolders
- Read & Execute — Permits viewing and listing of files and subfolders as well as executing of files; inherited by files and folders
- List Folder Contents — Permits viewing and listing of files and subfolders as well as executing of files; inherited by folders only
- Modify — Permits reading and writing of files and subfolders as well as executing of files; allows deletion of the folder
- Full Control — Permits reading, writing, changing, and deleting of files and subfolders
Windows file permissions:
- Read — Permits viewing or accessing of the file’s contents
- Write — Permits writing to a file
- Read & Execute — Permits viewing and accessing of the file’s contents as well as executing of the file
- List Folder Contents — N/A
- Modify — Permits reading and writing of the file as well as executing of the file; allows deletion of the file
- Full Control — Permits reading, writing, changing and deleting of the file
The biggest differences between Windows and UNIX permissions:
- Windows doesn’t have as fine-grained of control for a given user or group.
- Windows has much more fine-grained control across users and groups (there’s no limit of three permission sets).
- The ability to delete a folder or file, and to change its permissions, are essentially considered to be distinct “sub-permissions”.
As much as it pains me to say it, in many ways the Windows permission mode is much better than the (pre-ACL) Linux model.