NTFS Permissions to Hide Files or Folders

Archived from groups: microsoft.public.win2000.file_system (More info?)

How do I,
Configure NTFS Permissions to Hide Files or Folders from
Unauthorized Users

Novell NetWare administrators can configure permissions so
that users cannot see files or folders in the file system
for which the users do not have Read access by removing
the File Scan (F) permission. Is this type of access
control in the NTFS file system. Therefore, users can view
the contents of any folder for which the user has the List
permission. Removing the List permission for the folder
prevents the user from gaining access to any file in the
folder, and what is needed is the old ability to give a
list, or view yes/no for a user group, maybe in the gpo,
a .adm file, or ntfs acl lists?

Please help
CTH
herndon@tagesspiegel.de
3 answers Last reply
More about ntfs permissions hide files folders
  1. Archived from groups: microsoft.public.win2000.file_system (More info?)

    there is no equivalent in NTFS; you can only deny them access to view the
    contents, not the mere existence. That's unique to NetWare.


    "> How do I,
    > Configure NTFS Permissions to Hide Files or Folders from
    > Unauthorized Users
    >
    > Novell NetWare administrators can configure permissions so
    > that users cannot see files or folders in the file system
    > for which the users do not have Read access by removing
    > the File Scan (F) permission. Is this type of access
    > control in the NTFS file system.
  2. Archived from groups: microsoft.public.win2000.file_system (More info?)

    There is a 3rd party product which will deliver the solution you're
    looking for. It's called "Cloak" and you can get more information here
    -> http://scriptlogic.com/cloak (you can even d/l an eval version and
    try before you buy).

    In my opinion, there are three primary reasons you'd want hide files &
    folders in the Windows enterprise (excluding the fact that hiding
    subfolders is part of all the other major NOS vendors, including
    NetWare and Linux).

    1) "out of sight - out of mind" adds a layer of security. Ever hear the
    phrase 'curiosity killed the cat'? Some folks will certainly debate
    this point, saying that showing someone the door to the safe doesn't
    mean it is any easier to gain access to. Counter point being that if no
    one knows the safe is there, no one will try to gain access in the
    first place. And I guess that is why they sell wall safes and floor
    safes for homes, right?

    2) The 'streamlined user experience.' If you map drives (or use UNCs)
    to get to departmental shares, don't you think a user is more
    productive and less confused if they only see the 4 folders they have
    access to rather than 30 folders (26 of which they can't access
    anyway)?

    3) More accurate file system auditing. If you audit your file system
    access, hided file & folders will reduce the number of 'false
    positives' in your security event log. Now you can actually pay
    attention to the 'Object Access - Failure' events since they can't be
    chalked up to accidental mouse clicks in Explorer.
  3. Archived from groups: microsoft.public.win2000.file_system (More info?)

    Very interesting!
    But how can I d/l?
    I tried but didn't succeed to...

    Thank you!

    "Kilroy" wrote:

    > There is a 3rd party product which will deliver the solution you're
    > looking for. It's called "Cloak" and you can get more information here
    > -> http://scriptlogic.com/cloak (you can even d/l an eval version and
    > try before you buy).
    >
    > In my opinion, there are three primary reasons you'd want hide files &
    > folders in the Windows enterprise (excluding the fact that hiding
    > subfolders is part of all the other major NOS vendors, including
    > NetWare and Linux).
    >
    > 1) "out of sight - out of mind" adds a layer of security. Ever hear the
    > phrase 'curiosity killed the cat'? Some folks will certainly debate
    > this point, saying that showing someone the door to the safe doesn't
    > mean it is any easier to gain access to. Counter point being that if no
    > one knows the safe is there, no one will try to gain access in the
    > first place. And I guess that is why they sell wall safes and floor
    > safes for homes, right?
    >
    > 2) The 'streamlined user experience.' If you map drives (or use UNCs)
    > to get to departmental shares, don't you think a user is more
    > productive and less confused if they only see the 4 folders they have
    > access to rather than 30 folders (26 of which they can't access
    > anyway)?
    >
    > 3) More accurate file system auditing. If you audit your file system
    > access, hided file & folders will reduce the number of 'false
    > positives' in your security event log. Now you can actually pay
    > attention to the 'Object Access - Failure' events since they can't be
    > chalked up to accidental mouse clicks in Explorer.
    >
    >
Ask a new question

Read More

File System NTFS Configuration Permissions Windows