2
In Linux it is pretty straightforward to give the ownership of a folder and a file within and all their permissions to the root account, then giving users read-only access to the file. This means users can read the file's contents but have no ability to modify the file's name, delete nor move it.
Is there a way to make a file that a user can read but cannot in any single way modify in Windows?
Cestarian
Posted 2014-07-08T20:55:08.613
Reputation: 1 418
2
Assign the user Read permissions in the security tab of the file's properties. As long as the user is not a member of the local administrators group where the file is stored, they won't be able to change the file in any way.
You may need to disable permission inheritance via the advanced button in the security tab if the file or folder is inheriting permissions. When doing this, typically I copy the existing permissions then adjust as needed.
Set File Permissions:
1) Right-click the file in question, select Properties.
2) Switch to the Security tab.
3) Click Advanced.
4) Click the Change Permissions button (if needed.)
5) Uncheck the box that says Include inheritable permissions from this object’s parent.
6) Choose Add when prompted.
7) Adjust permissions as needed. Be aware that the user may be part of a security group listed here.
8) Click OK.
Check User Group Membership:
Workgroup environment
1) Go to Start and right-click Computer, select Manage.
2) Expand Local Users and Groups.
3) Select the Users folder.
4) Right-click the user account, select Properties.
5) Switch to the Member Of tab.
Domain environment
1) Open Active Directory Users and Computers.
2) Right-click the domain and choose find.
3) Enter the username and click Find.
4) Right-click the user account, select Properties.
5) Switch to the Member Of tab.
Garrett Dumas
Posted 2014-07-08T20:55:08.613
Reputation: 360
Please explain better how exactly I would do this. – Cestarian – 2014-07-08T21:05:14.803
Right click the file, choose properties, security tab, then read the above again. – Wutnaut – 2014-07-08T21:12:13.913
It is impossible to deny everything except for read permissions. If I allow read, I allow modify as well. – Cestarian – 2014-07-08T21:13:34.003
You should be able to uncheck modify and have both Read, and Read and Execute still checked. – Garrett Dumas – 2014-07-08T21:23:31.123
There we go, I had to go to the advanced tab and uncheck inheritable permissions, then just add the read permissions to the user I wanted and not tick anything else. Thanks! – Cestarian – 2014-07-08T21:25:37.923
-1
Keep in mind that Windows does not truly have a root user, but it is possible to configure permissions on a file, directory, or even a drive. Simply right click the target, click Properties, go to the Security tab, where you get two options for changing permissions. I recommend clicking 'Learn about access control and permissions'.
Paul
Posted 2014-07-08T20:55:08.613
Reputation: 698
2Your assertion is not quite true. In Unix/Linux, setting read-only access to a file does not prevent rename or delete, though
mvorrmmay prompt to confirm. To prevent rename and delete, the file's directory must be read-only (plus execute, or the user would not see the file at all). This is quite logical if you think about it. I am not sure how W7 behaves in this regard. – AFH – 2014-07-08T23:10:05.627