For instance you may find that all users need read access to A and B1, but only users in department X33 need access to B2 and only the one guy in the basement ever makes changes to C1.
Note below:
Yong Hu wrote:
A - grant read to authenticated (gives all valid users access) B1 - nothing. inherits from A. C1 - grant write to Carl B2 - grant read to root (make sure someone has access) - deny read to authenticated (makes this private)
However, if we set "deny read to authenticated" to B2, we are unable to have B2 inherit some privileges it ought to inherit.
For example, if user Allen has read privilege on A and we wish this privilege
can be inherited to all A's subfolders. Now we have a new user Carl and we want to assign write on C1 to him. If we follow your way to implement, then
the result is A will lose the read privilege on B2. Is this correct?
You can deny read access on B2 to Carl directly, if you want. By denying access to authenticated you're essentially saying "this section is private and has its own set of access permissions separate from the rest of the tree".
-James
regards,
Jun
--------------------------------- Do You Yahoo!? 150äæMP3ççæïåæéåéäæå çåææåæåæïæéçåãèååéå 1Gåæ1000åïéèçéèåæåï
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
