Setting Object Permissions

You've added users and you've added groups. Permissions is how you specify whether a user or group can access a particular file, folder, or other object. They are rules that define which users can access an object and exactly what they can do with it. Permissions apply to objects, as opposed to rights, which apply to the computer as a whole. When users try to access an object, Windows 2000 Professional determines whether they have permission to do what they're trying to do. This process is called authorization. Each object has an access control list (ACL). ACLs contain access control entries (ACEs) that control access to or audit an object. An object's ACL is a list of users and groups that have permission to access the object. The two types of ACLs are discretionary access control lists (DACLs), which give permissions to users and groups; and system access control lists (SACLs) , which specify security events that the operating system will audit.

Here's how to edit a file or folder's ACL: