SETUP: File Delete Child Directory Permission in NTFS

ID: Q152763

The information in this article applies to:
  • Microsoft Windows NT Workstation versions 3.5, 3.51, 4.0
  • Microsoft Windows NT Server versions 3.5, 3.51, 4.0
  • Microsoft Windows 2000 Professional
  • Microsoft Windows 2000 Server
  • Microsoft Windows 2000 Advanced Server

SUMMARY

Windows NT supports a hidden permission called File Delete Child (FDC) on NTFS volumes. Users who have full control permission on a volume or directory also have the FDC permission. This permission allows a user to delete files at the root level of the directory where they have full control, even if they do not have any permissions on the specific file itself.


MORE INFORMATION

The FDC permission only gives the user the right to delete files at the root level of the directory in which they have full control rights, they cannot delete sub directories, or files nested within sub directories. The FDC permission is based on the concept that if a user owns a directory, they should be able to delete files within that directory, even if they do not have specific permissions for every file.

If an administrator does not wish to grant a user the FDC permission, the administrator can use the special permissions option and grant the user every permission except full control.

This permission was created to maintain POSIX compliance. It is equivalent to the UNIX directory write permission. The behavior of this permission cannot be changed in the User Interface or through the registry.

The following example illustrates the use of the FDC permission. Listed below are the default permissions of both root directory of drive C and the Windows NT system root directory, normally C:\Winnt. 


   Everyone    Full Control ( All ) ( All )


In this case, everyone has full control of this directory, and can delete any file at the root level of either directory. If the guest account was enabled, even a guest could delete a file, regardless of any special permissions the file itself may have.

For example, suppose you add the file MyFile.txt to the root of drive C. You then set the permissions to: 


     Administrators     Full Control ( All )


The Everyone group is removed. If you log on to the computer as an ordinary user, you can see the file, but not open it. You can however delete the file.

To Deny Delete Permission to the Everyone Group

If you wish to deny the Everyone group the right to delete files, do not remove the Everyone group from the root directory. If this is done, the System and Administrators will not have access to the system files and it may not be possible to log on when the system restarts. For more information, please see the following article in the Microsoft Knowledge Base:

Q109076Removing Permissions to an NTFS Partition May Prevent Startup

To prevent the Everyone group from being able to delete files in the root directory, assign Read, Write, and Execute (RWX) privileges through Special Directory Access. It is also necessary to explicitly provide the system with full control. The root directory permissions should now be displayed as the following: 


   Administrators    Full Control    ( All )( All )
   Everyone          Special Access  ( RWX )( RWX )
   SYSTEM            Full Control    ( All )( All )


Additional query words: C2 Security

Keywords : ntfilesys NTSrvWkst
Version : WINDOWS:2000; winnt:3.5,3.51,4.0
Platform : WINDOWS winnt
Issue type :


Last Reviewed: January 25, 2000
© 2000 Microsoft Corporation. All rights reserved. Terms of Use.