A Brief History of NTFS
To help control access to NTFS objects, NTFS version 1.2 introduced the $SECURITY_DESCRIPTOR that was embedded into the MFT (Master File Table).
The structure of $SECURITY_DESCRIPTOR required specific information from each file and folder. Because many files and folders have identical information, the repetitive records in this attribute proved to take up too much valuable drive space. As well, it took a longer time to search the MFT.
To improve on this, NTFS version 3.0 introduced a new field — Security ID in the $STANDARD_INFORMATION attribute as a link to a new metadata file — $Secure — to operate as a central file system security database.
- NTFS Permissions
- Setting Permissions
- File and Folder Basic Permissions
- File and Folder Advanced Permissions
- Effective Permissions
- Changing Ownership of Files and Folders
- Moving and Copying Protected Files
- Troubleshooting Access to Files and Shared Folders
- Permissions for Other Objects
- User Rights vs. NTFS Permissions
- Share Permissions vs. NTFS Permissions
- Explicit vs. Inherited Permissions
- Allow vs. Deny Permissions
- Permission Precedence
- Combining Shared Folder Permissions and NTFS Permissions
- Sharing and Adding Permissions
- Backing up and Restoring NTFS Permissions on a Specified Volume
- Off-line Access to Shared Folders (Caching)
- Metafile $Secure
- Appendix. Script to Backup or Restore NTFS Permissions