Week 2 - Permissions Flashcards
What does ACL stand for? What is it?
Access Control Lists are comprised of Access Control Entries (ACE)
It controls the level of permission/file access given to each user
What does DACLs stand for? What is it?
DACLs are Discretionary Access Control Lists
They note who can use a file and what they can do with it
What does SACLs stand for? What does it ask Windows to do?
System Access Control Lists
It asks Windows to use an event log to keep track of the files and folders being accessed by each user
How do you navigate to the permissions window in windows?
Explorer > Home Directory > Right Click Desktop > Properties > Security
What’s the command to see which ACLs are assigned to a file/directory? w
icacls filepath
icacls /? for help
What does OI and CI DACLs stand for? What do they mean?
OI object inherit
CI container inherit
this means if I create a new object inside the location they’ll INHERIT the DACL
Each file and folder will have an ____and one or more ___?
Each file and folder will have an owner and one or more DACLs
If an object’s DACL has no ACE, what happens?
It denies all access attempts since there’s no access control entries for the DACL
How many permissions are available on windows and what are they?
- read (see file/directories)
- read and execute (read, execute)
- list folder contents (read, execute)
- write (write, change, create)
- modify (read, write, execute)
what are the permissions available on linux? 3
- read
- write
- execute
on Linux what’s the command to see file permissions?
ls -l ~/filename
For me it worked:
ls -l filename.txt
What does a dash in the file type (1st in front) permission search mean? Linux
it’s a regular file
How are the file permissions details broken up in Linux?
- file type in front
- 1st trio is the permission of the owner of the file
- 2nd trio is the permission of the group who owns the file
- 3rd trio is the permission of all other users
How do you see ACL assigned to a file/permissions? Windows
icacls
What’s the process to change a user’s permissions/access to a folder on windows? (Adding the user to change their permissions)
right click file/folder target > properties > security > edit file permissions > add > enter username of user want to add permission to > OK
then check the boxes of permissions for them
What happens when you deny a user that is in a group that has access?
the user is still denied if the group has access
When does icacls need single quotes and why?
icacls was designed for Command Prompt and its parameters with special characters (parenthesis) confuse PS
We surround icacl’s parameters with single quotes to tell it not to interpret certain parameters as code
What are guest users?
can use a computer without entering a password
What is an authenticated users group? windows
a group that doesn’t include guest users
How do you modify a file/folder permission in the CLI?
Windows
icacls ‘filepath’ /grant ‘Everyone:(OI)(CI)(R)’
permission parameters will vary
How do you only let non-guest users see a file or folder and any future modifications? w
icacls ‘filepath’ /grant ‘Authenticated Users: (OI)(CI)(R)’
How do you remove file permissions for a group? w
icacls ‘filepath’ /remove Everyone