Windows 7 Default File System Permissions Listing
This is a complete listing of all Windows 7 file system permissions. The list was generated on a 32-bit installation with SetACL. More default permission listings can be found here.
How to Interpret the List
As mentioned above the list contains only non-inherited permissions. This means that if permission X is set on C:\ and the directory C:\Data is configured to not block inherited permissions, X is valid on C:\Data, too. The permissions of C:\Data will not be included in this listing, though, because that would increase its size by a factor of 100 at least.
If a directory is configured to not inherit permissions from its parent it is marked with “DACL(protected)” or “DACL(pseudo_protected)”. A directory that does inherit from its parent can still add permissions not present in the parent. Those are listed here, of course.
Remarks
I found hundreds of directories where inheritance is blocked but the parent’s permissions are re-set on the child. That is just bad style and should not happen. By enabling inheritance setting identical permissions on a child object becomes unnecessary. In order to keep this list concise, such redundant information was removed. For the same reason, this listing contains only non-inherited permissions.
The computer where I created this listing was a domain member and had a local user account named “Helge”.
Permission Listing
c:\
Owner: TrustedInstaller
DACL(protected+auto_inherited):
Administrators full allow no_inheritance
Administrators full allow container_inherit+object_inherit+inherit_only
SYSTEM full allow no_inheritance
SYSTEM full allow container_inherit+object_inherit+inherit_only
Users read_execute allow container_inherit+object_inherit
Authenticated Users change allow container_inherit+object_inherit+inherit_only
Authenticated Users FILE_ADD_SUBDIRECTORY allow no_inheritance
c:\$Recycle.Bin
Owner: Administrators
DACL(protected+auto_inherited):
Administrators full allow no_inheritance
Administrators full allow container_inherit+object_inherit+inherit_only
SYSTEM full allow no_inheritance
SYSTEM full allow container_inherit+object_inherit+inherit_only
Users read_execute+FILE_ADD_SUBDIRECTORY+FILE_WRITE_ATTRIBUTES allow no_inheritance
c:\$Recycle.Bin\<USER SID>
Owner: <USER>
DACL(protected):
Administrators full allow container_inherit+object_inherit
SYSTEM full allow container_inherit+object_inherit
<USER> full allow container_inherit+object_inherit
c:\Boot
Owner: TrustedInstaller
DACL(protected+auto_inherited):
TrustedInstaller full allow no_inheritance
TrustedInstaller full allow container_inherit+inherit_only
SYSTEM read_execute+write allow no_inheritance
SYSTEM full allow container_inherit+object_inherit+inherit_only
Administrators read_execute+write allow no_inheritance
Administrators full allow container_inherit+object_inherit+inherit_only
Users read_execute allow no_inheritance
Users read_execute allow container_inherit+object_inherit+inherit_only
CREATOR OWNER full allow container_inherit+object_inherit+inherit_only
c:\Documents and Settings
Owner: SYSTEM
DACL(protected+auto_inherited):
Everyone FILE_LIST_DIRECTORY deny no_inheritance
Everyone read_execute allow no_inheritance
SYSTEM full allow no_inheritance
Administrators full allow no_inheritance
c:\Program Files
Owner: TrustedInstaller
DACL(protected+auto_inherited):
TrustedInstaller full allow no_inheritance
TrustedInstaller full allow container_inherit+inherit_only
SYSTEM change allow no_inheritance
SYSTEM full allow container_inherit+object_inherit+inherit_only
Administrators change allow no_inheritance
Administrators full allow container_inherit+object_inherit+inherit_only
Users read_execute allow no_inheritance
Users read_execute allow container_inherit+object_inherit+inherit_only
CREATOR OWNER full allow container_inherit+object_inherit+inherit_only
c:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20
Owner: TrustedInstaller
DACL(protected+auto_inherited):
TrustedInstaller full allow no_inheritance
TrustedInstaller full allow container_inherit+object_inherit+inherit_only
SYSTEM read_execute allow no_inheritance
SYSTEM read_execute allow container_inherit+object_inherit+inherit_only
Administrators read_execute allow no_inheritance
Administrators read_execute allow container_inherit+object_inherit+inherit_only
Users read_execute allow no_inheritance
Users read_execute allow container_inherit+object_inherit+inherit_only
c:\Program Files\Windows Media Player\Icons
Owner: TrustedInstaller
DACL(protected+auto_inherited):
TrustedInstaller full allow no_inheritance
TrustedInstaller full allow container_inherit+object_inherit+inherit_only
SYSTEM read_execute allow no_inheritance
SYSTEM read_execute allow container_inherit+object_inherit+inherit_only
Administrators read_execute allow no_inheritance
Administrators read_execute allow container_inherit+object_inherit+inherit_only
Users read_execute allow no_inheritance
Users read_execute allow container_inherit+object_inherit+inherit_only
c:\Program Files\Windows Media Player\Visualizations
Owner: TrustedInstaller
DACL(protected+auto_inherited):
TrustedInstaller full allow no_inheritance
TrustedInstaller full allow container_inherit+object_inherit+inherit_only
SYSTEM read_execute allow no_inheritance
SYSTEM read_execute allow container_inherit+object_inherit+inherit_only
Administrators full allow no_inheritance
Administrators full allow container_inherit+object_inherit+inherit_only
Users read_execute allow no_inheritance
Users read_execute allow container_inherit+object_inherit+inherit_only
c:\Program Files\Windows Sidebar\Shared Gadgets
Owner: TrustedInstaller
DACL(protected+auto_inherited):
SYSTEM full allow no_inheritance
SYSTEM full allow container_inherit+object_inherit+inherit_only
Administrators full allow no_inheritance
Administrators full allow container_inherit+object_inherit+inherit_only
CREATOR OWNER full allow container_inherit+object_inherit+inherit_only
Users read_execute allow no_inheritance
Users read_execute allow container_inherit+object_inherit+inherit_only
c:\ProgramData
Owner: Administrators
DACL(protected+auto_inherited):
SYSTEM full allow container_inherit+object_inherit
Administrators full allow container_inherit+object_inherit
CREATOR OWNER full allow container_inherit+object_inherit+inherit_only
Users read_execute allow container_inherit+object_inherit
Users write allow container_inherit
c:\ProgramData\Application Data
Owner: SYSTEM
DACL(protected+auto_inherited):
Everyone FILE_LIST_DIRECTORY deny no_inheritance
Everyone read_execute allow no_inheritance
SYSTEM full allow no_inheritance
Administrators full allow no_inheritance
c:\ProgramData\Desktop
Owner: SYSTEM
DACL(protected+auto_inherited):
Everyone FILE_LIST_DIRECTORY deny no_inheritance
Everyone read_execute allow no_inheritance
SYSTEM full allow no_inheritance
Administrators full allow no_inheritance
c:\ProgramData\Documents
Owner: SYSTEM
DACL(protected+auto_inherited):
Everyone FILE_LIST_DIRECTORY deny no_inheritance
Everyone read_execute allow no_inheritance
SYSTEM full allow no_inheritance
Administrators full allow no_inheritance
c:\ProgramData\Favorites
Owner: SYSTEM
DACL(protected+auto_inherited):
Everyone FILE_LIST_DIRECTORY deny no_inheritance
Everyone read_execute allow no_inheritance
SYSTEM full allow no_inheritance
Administrators full allow no_inheritance
c:\ProgramData\Microsoft
Owner: Administrators
DACL(protected+auto_inherited):
SYSTEM full allow container_inherit+object_inherit
Administrators full allow container_inherit+object_inherit
Users read_execute allow container_inherit+object_inherit
Everyone read_execute allow container_inherit+object_inherit
c:\ProgramData\Microsoft\Crypto\DSS\MachineKeys
Owner: Administrators
DACL(protected+auto_inherited):
Everyone write+read allow no_inheritance
Administrators full allow no_inheritance
c:\ProgramData\Microsoft\Crypto\Keys
Owner: Administrators
DACL(protected+auto_inherited):
SYSTEM full allow container_inherit+object_inherit
Administrators full allow container_inherit+object_inherit
Everyone read allow container_inherit+object_inherit
c:\ProgramData\Microsoft\Crypto\RSA\MachineKeys
Owner: Administrators
DACL(protected+auto_inherited):
Everyone write+read allow no_inheritance
Administrators full allow no_inheritance
c:\ProgramData\Microsoft\Device Stage\Device\<GUID>
Owner: TrustedInstaller
DACL(protected+auto_inherited):
TrustedInstaller full allow no_inheritance
TrustedInstaller full allow container_inherit+inherit_only
SYSTEM change allow no_inheritance
SYSTEM full allow container_inherit+object_inherit+inherit_only
Administrators change allow no_inheritance
Administrators full allow container_inherit+object_inherit+inherit_only
Users read_execute allow no_inheritance
Users read_execute allow container_inherit+object_inherit+inherit_only
CREATOR OWNER full allow container_inherit+object_inherit+inherit_only
c:\ProgramData\Microsoft\DeviceSync
Owner: Administrators
DACL(protected+auto_inherited):
Guests full deny no_inheritance
Guests full deny container_inherit+object_inherit+inherit_only
Guest full deny no_inheritance
Guest full deny container_inherit+object_inherit+inherit_only
Everyone read_execute+write+FILE_DELETE_CHILD+WRITE_OWNER+WRITE_DAC allow no_inheritance
Everyone full allow container_inherit+object_inherit+inherit_only
SYSTEM full allow no_inheritance
c:\ProgramData\Microsoft\DRM\Server
Owner: Administrators
DACL(protected+auto_inherited):
SYSTEM full allow container_inherit+object_inherit
Administrators full allow container_inherit+object_inherit
Everyone read+FILE_ADD_SUBDIRECTORY allow container_inherit+object_inherit
c:\ProgramData\Microsoft\eHome
Owner: Administrators
DACL(protected+auto_inherited):
Administrators full allow container_inherit+object_inherit
Authenticated Users change+FILE_DELETE_CHILD allow container_inherit+object_inherit
ehSched change+FILE_DELETE_CHILD allow container_inherit+object_inherit
ehRecvr change+FILE_DELETE_CHILD allow container_inherit+object_inherit
SYSTEM full allow container_inherit
c:\ProgramData\Microsoft\Network\Connections
Owner: Administrators
DACL(protected+auto_inherited):
SYSTEM full allow no_inheritance
SYSTEM full allow container_inherit+object_inherit+inherit_only
Administrators full allow no_inheritance
Administrators full allow container_inherit+object_inherit+inherit_only
Everyone read_execute allow no_inheritance
Everyone read_execute allow container_inherit+object_inherit+inherit_only
Network Configuration Operators read_execute+write allow no_inheritance
Network Configuration Operators read_execute+write allow container_inherit+object_inherit+inherit_only
S-1-5-80-3906544942-1489856346-3706913989-164347954-1900376235 full allow no_inheritance
S-1-5-80-3906544942-1489856346-3706913989-164347954-1900376235 full allow container_inherit+object_inherit+inherit_only
c:\ProgramData\Microsoft\Network\Downloader
Owner: Administrators
DACL(protected+auto_inherited):
SYSTEM full allow no_inheritance
SYSTEM full allow container_inherit+object_inherit+inherit_only
Administrators full allow no_inheritance
Administrators full allow container_inherit+object_inherit+inherit_only
c:\ProgramData\Microsoft\RAC\Outbound
Owner: Administrators
DACL(not_protected+auto_inherited):
LOCAL SERVICE change allow no_inheritance
LOCAL SERVICE change allow container_inherit+object_inherit+inherit_only
c:\ProgramData\Microsoft\RAC\PublishedData
Owner: Administrators
DACL(not_protected+auto_inherited):
SYSTEM full allow no_inheritance
SYSTEM full allow container_inherit+object_inherit+inherit_only
Administrators full allow no_inheritance
Administrators full allow container_inherit+object_inherit+inherit_only
LOCAL SERVICE full allow no_inheritance
LOCAL SERVICE full allow container_inherit+object_inherit+inherit_only
Users full allow no_inheritance
Users full allow container_inherit+object_inherit+inherit_only
c:\ProgramData\Microsoft\RAC\StateData
Owner: Administrators
DACL(not_protected+auto_inherited):
LOCAL SERVICE change allow no_inheritance
LOCAL SERVICE change allow container_inherit+object_inherit+inherit_only
c:\ProgramData\Microsoft\RAC\Temp
Owner: Administrators
DACL(not_protected+auto_inherited):
SYSTEM full allow no_inheritance
SYSTEM full allow container_inherit+object_inherit+inherit_only
Administrators full allow no_inheritance
Administrators full allow container_inherit+object_inherit+inherit_only
LOCAL SERVICE full allow no_inheritance
LOCAL SERVICE full allow container_inherit+object_inherit+inherit_only
Users full allow no_inheritance
Users full allow container_inherit+object_inherit+inherit_only
c:\ProgramData\Microsoft\Search\Data
Owner: SYSTEM
DACL(pseudo_protected):
Administrators full allow object_inherit+inherit_only
Administrators full allow container_inherit
SYSTEM full allow object_inherit+inherit_only
SYSTEM full allow container_inherit
c:\ProgramData\Microsoft\User Account Pictures
Owner: Administrators
DACL(protected+auto_inherited):
SYSTEM full allow container_inherit+object_inherit
Administrators full allow container_inherit+object_inherit
Users read_execute+FILE_ADD_FILE allow container_inherit+object_inherit
Everyone read_execute allow container_inherit+object_inherit
c:\ProgramData\Microsoft\User Account Pictures\Default Pictures
Owner: TrustedInstaller
DACL(protected+auto_inherited):
TrustedInstaller full allow no_inheritance
TrustedInstaller full allow container_inherit+inherit_only
SYSTEM change allow no_inheritance
SYSTEM full allow container_inherit+object_inherit+inherit_only
Administrators change allow no_inheritance
Administrators full allow container_inherit+object_inherit+inherit_only
Users read_execute allow no_inheritance
Users read_execute allow container_inherit+object_inherit+inherit_only
CREATOR OWNER full allow container_inherit+object_inherit+inherit_only
c:\ProgramData\Microsoft\Vault
Owner: Administrators
DACL(protected+auto_inherited):
TrustedInstaller full allow no_inheritance
TrustedInstaller full allow container_inherit+object_inherit+inherit_only
SYSTEM full allow no_inheritance
SYSTEM full allow container_inherit+object_inherit+inherit_only
Administrators full allow no_inheritance
Administrators full allow container_inherit+object_inherit+inherit_only
Users read_execute allow no_inheritance
Users read_execute allow container_inherit+object_inherit+inherit_only
c:\ProgramData\Microsoft\Windows\AIT
Owner: TrustedInstaller
DACL(protected+auto_inherited):
TrustedInstaller full allow no_inheritance
TrustedInstaller full allow container_inherit+inherit_only
SYSTEM change allow no_inheritance
SYSTEM full allow container_inherit+object_inherit+inherit_only
Administrators change allow no_inheritance
Administrators full allow container_inherit+object_inherit+inherit_only
Users read_execute allow no_inheritance
Users read_execute allow container_inherit+object_inherit+inherit_only
CREATOR OWNER full allow container_inherit+object_inherit+inherit_only
c:\ProgramData\Microsoft\Windows\DeviceMetadataStore
Owner: TrustedInstaller
DACL(protected+auto_inherited):
TrustedInstaller full allow no_inheritance
TrustedInstaller full allow container_inherit+inherit_only
SYSTEM change allow no_inheritance
SYSTEM full allow container_inherit+object_inherit+inherit_only
Administrators change allow no_inheritance
Administrators full allow container_inherit+object_inherit+inherit_only
Users read_execute allow no_inheritance
Users read_execute allow container_inherit+object_inherit+inherit_only
CREATOR OWNER full allow container_inherit+object_inherit+inherit_only
c:\ProgramData\Microsoft\Windows\DRM
Owner: SYSTEM
DACL(protected+auto_inherited):
Domain Guests full deny no_inheritance
Domain Guests full deny container_inherit+object_inherit+inherit_only
Guests full deny no_inheritance
Guests full deny container_inherit+object_inherit+inherit_only
Guest full deny no_inheritance
Guest full deny container_inherit+object_inherit+inherit_only
Everyone read_execute+write+FILE_DELETE_CHILD+WRITE_OWNER+WRITE_DAC allow no_inheritance
Everyone full allow container_inherit+object_inherit+inherit_only
SYSTEM full allow no_inheritance
c:\ProgramData\Microsoft\Windows\DRM\Cache
Owner: SYSTEM
DACL(protected+auto_inherited):
Guests full deny no_inheritance
Guests full deny container_inherit+object_inherit+inherit_only
Guest full deny no_inheritance
Guest full deny container_inherit+object_inherit+inherit_only
Everyone read_execute+write+FILE_DELETE_CHILD+WRITE_OWNER+WRITE_DAC allow no_inheritance
Everyone full allow container_inherit+object_inherit+inherit_only
SYSTEM full allow no_inheritance
c:\ProgramData\Microsoft\Windows\Power Efficiency Diagnostics
Owner: Administrators
DACL(protected+auto_inherited):
Administrators full allow no_inheritance
Administrators full allow container_inherit+object_inherit+inherit_only
SYSTEM full allow no_inheritance
SYSTEM full allow container_inherit+object_inherit+inherit_only
c:\ProgramData\Microsoft\Windows\Start Menu
Owner: Administrators
DACL(not_protected+auto_inherited):
Helge FILE_DELETE_CHILD+DELETE allow container_inherit+object_inherit+inherit_only
c:\ProgramData\Microsoft\Windows\WER\ReportArchive
Owner: Administrators
DACL(protected+auto_inherited):
Administrators full allow no_inheritance
Administrators full allow container_inherit+object_inherit+inherit_only
SYSTEM full allow no_inheritance
SYSTEM full allow container_inherit+object_inherit+inherit_only
Authenticated Users FILE_LIST_DIRECTORY allow container_inherit
LOCAL SERVICE FILE_LIST_DIRECTORY+FILE_ADD_SUBDIRECTORY allow container_inherit
NETWORK SERVICE FILE_LIST_DIRECTORY+FILE_ADD_SUBDIRECTORY allow container_inherit
SERVICE FILE_LIST_DIRECTORY+FILE_ADD_SUBDIRECTORY allow container_inherit
WRITE RESTRICTED FILE_ADD_SUBDIRECTORY allow container_inherit
c:\ProgramData\Microsoft\Windows\WER\ReportQueue
Owner: Administrators
DACL(protected+auto_inherited):
Administrators full allow no_inheritance
Administrators full allow container_inherit+object_inherit+inherit_only
SYSTEM full allow no_inheritance
SYSTEM full allow container_inherit+object_inherit+inherit_only
Authenticated Users FILE_LIST_DIRECTORY allow container_inherit
LOCAL SERVICE FILE_LIST_DIRECTORY+FILE_ADD_SUBDIRECTORY allow container_inherit
NETWORK SERVICE FILE_LIST_DIRECTORY+FILE_ADD_SUBDIRECTORY allow container_inherit
SERVICE FILE_LIST_DIRECTORY+FILE_ADD_SUBDIRECTORY allow container_inherit
WRITE RESTRICTED FILE_ADD_SUBDIRECTORY allow container_inherit
c:\ProgramData\Microsoft\Windows\WER\ReportQueue\<SUBDIRECTORY>
Owner: SYSTEM
DACL(pseudo_protected):
Administrators full allow container_inherit+object_inherit
SYSTEM read_execute+write allow container_inherit+object_inherit
WRITE RESTRICTED write+READ_CONTROL allow container_inherit+object_inherit
c:\ProgramData\Microsoft\Windows Defender
Owner: SYSTEM
DACL(protected+auto_inherited):
TrustedInstaller full allow no_inheritance
TrustedInstaller full allow container_inherit+object_inherit+inherit_only
SYSTEM full allow no_inheritance
SYSTEM full allow container_inherit+object_inherit+inherit_only
Administrators full allow no_inheritance
Administrators full allow container_inherit+object_inherit+inherit_only
c:\ProgramData\Microsoft\Windows Defender\Definition Updates
Owner: SYSTEM
DACL(protected+auto_inherited):
TrustedInstaller full allow no_inheritance
TrustedInstaller full allow container_inherit+object_inherit+inherit_only
SYSTEM full allow no_inheritance
SYSTEM full allow container_inherit+object_inherit+inherit_only
Administrators full allow no_inheritance
Administrators full allow container_inherit+object_inherit+inherit_only
Users read_execute allow no_inheritance
Users read_execute allow container_inherit+object_inherit+inherit_only
c:\ProgramData\Microsoft\Windows NT\MSFax
Owner: SYSTEM
DACL(protected+auto_inherited):
Administrators full allow container_inherit+object_inherit
Fax full allow container_inherit+object_inherit
c:\ProgramData\Microsoft\Windows NT\MSFax\Common Coverpages
Owner: SYSTEM
DACL(protected+auto_inherited):
Administrators full allow container_inherit+object_inherit
Everyone read_execute allow container_inherit+object_inherit
c:\ProgramData\Microsoft\Windows NT\MSFax\Common Coverpages\<LANGUAGE CODE>
Owner: TrustedInstaller
DACL(protected+auto_inherited):
TrustedInstaller full allow no_inheritance
TrustedInstaller full allow container_inherit+inherit_only
SYSTEM change allow no_inheritance
SYSTEM full allow container_inherit+object_inherit+inherit_only
Administrators change allow no_inheritance
Administrators full allow container_inherit+object_inherit+inherit_only
Users read_execute allow no_inheritance
Users read_execute allow container_inherit+object_inherit+inherit_only
CREATOR OWNER full allow container_inherit+object_inherit+inherit_only
c:\ProgramData\Microsoft\Windows NT\MSFax\Inbox
Owner: SYSTEM
DACL(protected+auto_inherited):
Administrators full allow container_inherit+object_inherit
Fax full allow container_inherit+object_inherit
c:\ProgramData\Microsoft\Windows NT\MSFax\Queue
Owner: SYSTEM
DACL(protected+auto_inherited):
Administrators full allow container_inherit+object_inherit
Fax full allow container_inherit+object_inherit
c:\ProgramData\Microsoft\Windows NT\MSFax\SentItems
Owner: SYSTEM
DACL(protected+auto_inherited):
Administrators full allow container_inherit+object_inherit
Fax full allow container_inherit+object_inherit
c:\ProgramData\Microsoft\Windows NT\MSFax\VirtualInbox\<LANGUAGE CODE>
Owner: TrustedInstaller
DACL(protected+auto_inherited):
TrustedInstaller full allow no_inheritance
TrustedInstaller full allow container_inherit+inherit_only
SYSTEM change allow no_inheritance
SYSTEM full allow container_inherit+object_inherit+inherit_only
Administrators change allow no_inheritance
Administrators full allow container_inherit+object_inherit+inherit_only
Users read_execute allow no_inheritance
Users read_execute allow container_inherit+object_inherit+inherit_only
CREATOR OWNER full allow container_inherit+object_inherit+inherit_only
c:\ProgramData\Microsoft\Windows NT\MSScan
Owner: TrustedInstaller
DACL(protected+auto_inherited):
TrustedInstaller full allow no_inheritance
TrustedInstaller full allow container_inherit+inherit_only
SYSTEM change allow no_inheritance
SYSTEM full allow container_inherit+object_inherit+inherit_only
Administrators change allow no_inheritance
Administrators full allow container_inherit+object_inherit+inherit_only
Users read_execute allow no_inheritance
Users read_execute allow container_inherit+object_inherit+inherit_only
CREATOR OWNER full allow container_inherit+object_inherit+inherit_only
c:\ProgramData\Microsoft\WwanSvc\Profiles
Owner: SYSTEM
DACL(protected+auto_inherited):
Guests full deny no_inheritance
Guests full deny container_inherit+object_inherit+inherit_only
TrustedInstaller full allow no_inheritance
TrustedInstaller full allow container_inherit+object_inherit+inherit_only
WwanSvc full allow no_inheritance
WwanSvc full allow container_inherit+object_inherit+inherit_only
Administrators read+FILE_ADD_SUBDIRECTORY allow container_inherit+object_inherit
SYSTEM read+FILE_ADD_SUBDIRECTORY allow container_inherit+object_inherit
Everyone read+FILE_ADD_SUBDIRECTORY allow container_inherit+object_inherit
c:\ProgramData\Start Menu
Owner: SYSTEM
DACL(protected+auto_inherited):
Everyone FILE_LIST_DIRECTORY deny no_inheritance
Everyone read_execute allow no_inheritance
SYSTEM full allow no_inheritance
Administrators full allow no_inheritance
c:\ProgramData\Templates
Owner: SYSTEM
DACL(protected+auto_inherited):
Everyone FILE_LIST_DIRECTORY deny no_inheritance
Everyone read_execute allow no_inheritance
SYSTEM full allow no_inheritance
Administrators full allow no_inheritance
c:\Recovery
Owner: SYSTEM
DACL(pseudo_protected):
Administrators full allow container_inherit+object_inherit
c:\System Volume Information
Owner: Administrators
DACL(protected):
SYSTEM full allow container_inherit+object_inherit
c:\System Volume Information\SPP
Owner: Administrators
DACL(protected):
Administrators full allow container_inherit+object_inherit
SYSTEM full allow container_inherit+object_inherit
c:\System Volume Information\SPP\OnlineMetadataCache
Owner: Administrators
DACL(protected):
Administrators full allow container_inherit+object_inherit
SYSTEM full allow container_inherit+object_inherit
c:\Users
Owner: Administrators
DACL(protected+auto_inherited):
SYSTEM full allow container_inherit+object_inherit
Administrators full allow container_inherit+object_inherit
Users read_execute allow no_inheritance
Users read_execute allow container_inherit+object_inherit+inherit_only
Everyone read_execute allow no_inheritance
Everyone read_execute allow container_inherit+object_inherit+inherit_only
c:\Users\All Users
Owner: SYSTEM
DACL(protected+auto_inherited):
Everyone FILE_LIST_DIRECTORY deny no_inheritance
Everyone read_execute allow no_inheritance
SYSTEM full allow no_inheritance
Administrators full allow no_inheritance
c:\Users\Default\AppData\Local\Application Data
Owner: SYSTEM
DACL(not_protected+auto_inherited):
Everyone FILE_LIST_DIRECTORY deny no_inheritance
c:\Users\Default\AppData\Local\History
Owner: SYSTEM
DACL(not_protected+auto_inherited):
Everyone FILE_LIST_DIRECTORY deny no_inheritance
c:\Users\Default\AppData\Local\Temporary Internet Files
Owner: SYSTEM
DACL(not_protected+auto_inherited):
Everyone FILE_LIST_DIRECTORY deny no_inheritance
c:\Users\Default\Application Data
Owner: SYSTEM
DACL(not_protected+auto_inherited):
Everyone FILE_LIST_DIRECTORY deny no_inheritance
c:\Users\Default\Cookies
Owner: SYSTEM
DACL(not_protected+auto_inherited):
Everyone FILE_LIST_DIRECTORY deny no_inheritance
c:\Users\Default\Documents\My Music
Owner: SYSTEM
DACL(not_protected+auto_inherited):
Everyone FILE_LIST_DIRECTORY deny no_inheritance
c:\Users\Default\Documents\My Pictures
Owner: SYSTEM
DACL(not_protected+auto_inherited):
Everyone FILE_LIST_DIRECTORY deny no_inheritance
c:\Users\Default\Documents\My Videos
Owner: SYSTEM
DACL(not_protected+auto_inherited):
Everyone FILE_LIST_DIRECTORY deny no_inheritance
c:\Users\Default\Local Settings
Owner: SYSTEM
DACL(not_protected+auto_inherited):
Everyone FILE_LIST_DIRECTORY deny no_inheritance
c:\Users\Default\My Documents
Owner: SYSTEM
DACL(not_protected+auto_inherited):
Everyone FILE_LIST_DIRECTORY deny no_inheritance
c:\Users\Default\NetHood
Owner: SYSTEM
DACL(not_protected+auto_inherited):
Everyone FILE_LIST_DIRECTORY deny no_inheritance
c:\Users\Default\PrintHood
Owner: SYSTEM
DACL(not_protected+auto_inherited):
Everyone FILE_LIST_DIRECTORY deny no_inheritance
c:\Users\Default\Recent
Owner: SYSTEM
DACL(not_protected+auto_inherited):
Everyone FILE_LIST_DIRECTORY deny no_inheritance
c:\Users\Default\SendTo
Owner: SYSTEM
DACL(not_protected+auto_inherited):
Everyone FILE_LIST_DIRECTORY deny no_inheritance
c:\Users\Default\Start Menu
Owner: SYSTEM
DACL(not_protected+auto_inherited):
Everyone FILE_LIST_DIRECTORY deny no_inheritance
c:\Users\Default\Templates
Owner: SYSTEM
DACL(not_protected+auto_inherited):
Everyone FILE_LIST_DIRECTORY deny no_inheritance
c:\Users\Default User
Owner: SYSTEM
DACL(protected+auto_inherited):
Everyone FILE_LIST_DIRECTORY deny no_inheritance
Everyone read_execute allow no_inheritance
SYSTEM full allow no_inheritance
Administrators full allow no_inheritance
c:\Users\Helge
Owner: SYSTEM
DACL(protected):
SYSTEM full allow container_inherit+object_inherit
Administrators full allow container_inherit+object_inherit
Helge full allow container_inherit+object_inherit
c:\Users\Helge\AppData\Local\Application Data
Owner: SYSTEM
DACL(not_protected+auto_inherited):
Everyone FILE_LIST_DIRECTORY deny no_inheritance
c:\Users\Helge\AppData\Local\History
Owner: SYSTEM
DACL(not_protected+auto_inherited):
Everyone FILE_LIST_DIRECTORY deny no_inheritance
c:\Users\Helge\AppData\Local\Microsoft\Windows\WER\ReportArchive
Owner: Helge
DACL(pseudo_protected):
Administrators full allow container_inherit+object_inherit
Helge full allow container_inherit+object_inherit
c:\Users\Helge\AppData\Local\Temporary Internet Files
Owner: SYSTEM
DACL(not_protected+auto_inherited):
Everyone FILE_LIST_DIRECTORY deny no_inheritance
c:\Users\Helge\Application Data
Owner: SYSTEM
DACL(not_protected+auto_inherited):
Everyone FILE_LIST_DIRECTORY deny no_inheritance
c:\Users\Helge\Cookies
Owner: SYSTEM
DACL(not_protected+auto_inherited):
Everyone FILE_LIST_DIRECTORY deny no_inheritance
c:\Users\Helge\Documents\My Music
Owner: SYSTEM
DACL(not_protected+auto_inherited):
Everyone FILE_LIST_DIRECTORY deny no_inheritance
c:\Users\Helge\Documents\My Pictures
Owner: SYSTEM
DACL(not_protected+auto_inherited):
Everyone FILE_LIST_DIRECTORY deny no_inheritance
c:\Users\Helge\Documents\My Videos
Owner: SYSTEM
DACL(not_protected+auto_inherited):
Everyone FILE_LIST_DIRECTORY deny no_inheritance
c:\Users\Helge\Local Settings
Owner: SYSTEM
DACL(not_protected+auto_inherited):
Everyone FILE_LIST_DIRECTORY deny no_inheritance
c:\Users\Helge\My Documents
Owner: SYSTEM
DACL(not_protected+auto_inherited):
Everyone FILE_LIST_DIRECTORY deny no_inheritance
c:\Users\Helge\NetHood
Owner: SYSTEM
DACL(not_protected+auto_inherited):
Everyone FILE_LIST_DIRECTORY deny no_inheritance
c:\Users\Helge\PrintHood
Owner: SYSTEM
DACL(not_protected+auto_inherited):
Everyone FILE_LIST_DIRECTORY deny no_inheritance
c:\Users\Helge\Recent
Owner: SYSTEM
DACL(not_protected+auto_inherited):
Everyone FILE_LIST_DIRECTORY deny no_inheritance
c:\Users\Helge\SendTo
Owner: SYSTEM
DACL(not_protected+auto_inherited):
Everyone FILE_LIST_DIRECTORY deny no_inheritance
c:\Users\Helge\Start Menu
Owner: SYSTEM
DACL(not_protected+auto_inherited):
Everyone FILE_LIST_DIRECTORY deny no_inheritance
c:\Users\Helge\Templates
Owner: SYSTEM
DACL(not_protected+auto_inherited):
Everyone FILE_LIST_DIRECTORY deny no_inheritance
c:\Users\Public
Owner: Administrators
DACL(protected+auto_inherited):
Administrators full allow container_inherit+object_inherit
CREATOR OWNER full allow container_inherit+object_inherit+inherit_only
SYSTEM full allow container_inherit+object_inherit
INTERACTIVE change+FILE_DELETE_CHILD allow container_inherit+object_inherit+inherit_only
INTERACTIVE read_execute+FILE_ADD_FILE+FILE_ADD_SUBDIRECTORY allow no_inheritance
SERVICE change+FILE_DELETE_CHILD allow container_inherit+object_inherit+inherit_only
SERVICE read_execute+FILE_ADD_FILE+FILE_ADD_SUBDIRECTORY allow no_inheritance
BATCH change+FILE_DELETE_CHILD allow container_inherit+object_inherit+inherit_only
BATCH read_execute+FILE_ADD_FILE+FILE_ADD_SUBDIRECTORY allow no_inheritance
c:\Users\Public\Desktop
Owner: Administrators
DACL(protected+auto_inherited):
Administrators full allow container_inherit+object_inherit
INTERACTIVE read_execute allow container_inherit+object_inherit
SYSTEM full allow container_inherit+object_inherit
Helge FILE_DELETE_CHILD+DELETE allow container_inherit+object_inherit+inherit_only
c:\Users\Public\Documents\My Music
Owner: SYSTEM
DACL(protected+auto_inherited):
Everyone FILE_LIST_DIRECTORY deny no_inheritance
Everyone read_execute allow no_inheritance
SYSTEM full allow no_inheritance
Administrators full allow no_inheritance
c:\Users\Public\Documents\My Pictures
Owner: SYSTEM
DACL(protected+auto_inherited):
Everyone FILE_LIST_DIRECTORY deny no_inheritance
Everyone read_execute allow no_inheritance
SYSTEM full allow no_inheritance
Administrators full allow no_inheritance
c:\Users\Public\Documents\My Videos
Owner: SYSTEM
DACL(protected+auto_inherited):
Everyone FILE_LIST_DIRECTORY deny no_inheritance
Everyone read_execute allow no_inheritance
SYSTEM full allow no_inheritance
Administrators full allow no_inheritance
c:\Users\Public\Recorded TV
Owner: Administrators
DACL(not_protected+auto_inherited):
ehSched change+FILE_DELETE_CHILD allow container_inherit+object_inherit
ehRecvr change+FILE_DELETE_CHILD allow container_inherit+object_inherit
c:\Windows
Owner: TrustedInstaller
DACL(protected+auto_inherited):
TrustedInstaller full allow no_inheritance
TrustedInstaller full allow container_inherit+inherit_only
SYSTEM change allow no_inheritance
SYSTEM full allow container_inherit+object_inherit+inherit_only
Administrators change allow no_inheritance
Administrators full allow container_inherit+object_inherit+inherit_only
Users read_execute allow no_inheritance
Users read_execute allow container_inherit+object_inherit+inherit_only
CREATOR OWNER full allow container_inherit+object_inherit+inherit_only
c:\Windows\AppCompat\Programs
Owner: Administrators
DACL(protected+auto_inherited):
Administrators full allow container_inherit+object_inherit
SYSTEM full allow container_inherit+object_inherit
Users FILE_TRAVERSE+READ_CONTROL allow container_inherit+object_inherit
TrustedInstaller full allow container_inherit+object_inherit
c:\Windows\AppPatch\Custom
Owner: TrustedInstaller
DACL(protected+auto_inherited):
TrustedInstaller full allow no_inheritance
TrustedInstaller full allow container_inherit+inherit_only
SYSTEM change allow no_inheritance
SYSTEM full allow container_inherit+object_inherit+inherit_only
Administrators change allow no_inheritance
Administrators full allow container_inherit+object_inherit+inherit_only
Users read_execute allow no_inheritance
Users read_execute allow container_inherit+object_inherit+inherit_only
CREATOR OWNER full allow container_inherit+inherit_only
c:\Windows\Boot
Owner: TrustedInstaller
DACL(protected+auto_inherited):
TrustedInstaller full allow no_inheritance
TrustedInstaller full allow container_inherit+object_inherit+inherit_only
SYSTEM read_execute allow no_inheritance
SYSTEM read_execute allow container_inherit+object_inherit+inherit_only
Administrators read_execute allow no_inheritance
Administrators read_execute allow container_inherit+object_inherit+inherit_only
Users read_execute allow no_inheritance
Users read_execute allow container_inherit+object_inherit+inherit_only
c:\Windows\CSC\v2.0.6
Owner: Administrators
DACL(pseudo_protected):
SYSTEM full allow no_inheritance
c:\Windows\CSC\v2.0.6\namespace
Owner: SYSTEM
DACL(not_protected):
SYSTEM full allow no_inheritance
c:\Windows\CSC\v2.0.6\temp
Owner: SYSTEM
DACL(not_protected):
SYSTEM full allow no_inheritance
c:\Windows\debug\WIA
Owner: SYSTEM
DACL(pseudo_protected):
SYSTEM full allow container_inherit+object_inherit
Administrators full allow container_inherit+object_inherit
LOCAL SERVICE change+FILE_DELETE_CHILD allow container_inherit+object_inherit
Authenticated Users change+FILE_DELETE_CHILD allow container_inherit+object_inherit
c:\Windows\diagnostics
Owner: TrustedInstaller
DACL(protected+auto_inherited):
TrustedInstaller full allow no_inheritance
TrustedInstaller full allow container_inherit+object_inherit+inherit_only
SYSTEM read_execute allow no_inheritance
SYSTEM read_execute allow container_inherit+object_inherit+inherit_only
Administrators read_execute allow no_inheritance
Administrators read_execute allow container_inherit+object_inherit+inherit_only
Users read_execute allow no_inheritance
Users read_execute allow container_inherit+object_inherit+inherit_only
c:\Windows\Help\Corporate
Owner: Administrators
DACL(protected+auto_inherited):
Users read_execute allow no_inheritance
Users read_execute allow container_inherit+object_inherit+inherit_only
Administrators full allow no_inheritance
Administrators full allow container_inherit+object_inherit+inherit_only
SYSTEM full allow no_inheritance
SYSTEM full allow container_inherit+object_inherit+inherit_only
Administrators full allow no_inheritance
CREATOR OWNER full allow container_inherit+object_inherit+inherit_only
c:\Windows\Help\OEM
Owner: Administrators
DACL(protected+auto_inherited):
Users read_execute allow no_inheritance
Users read_execute allow container_inherit+object_inherit+inherit_only
Administrators full allow no_inheritance
Administrators full allow container_inherit+object_inherit+inherit_only
SYSTEM full allow no_inheritance
SYSTEM full allow container_inherit+object_inherit+inherit_only
Administrators full allow no_inheritance
CREATOR OWNER full allow container_inherit+object_inherit+inherit_only
c:\Windows\inf\TAPISRV\<LANGUAGE CODE>
Owner: TrustedInstaller
DACL(protected+auto_inherited):
TrustedInstaller full allow no_inheritance
TrustedInstaller full allow container_inherit+object_inherit+inherit_only
SYSTEM read_execute allow no_inheritance
SYSTEM read_execute allow container_inherit+object_inherit+inherit_only
Administrators read_execute allow no_inheritance
Administrators read_execute allow container_inherit+object_inherit+inherit_only
Users read_execute allow no_inheritance
Users read_execute allow container_inherit+object_inherit+inherit_only
c:\Windows\Installer
Owner: Administrators
DACL(pseudo_protected):
SYSTEM full allow container_inherit+object_inherit
Everyone read_execute allow container_inherit+object_inherit
Administrators full allow container_inherit+object_inherit
c:\Windows\LiveKernelReports
Owner: Administrators
DACL(protected+auto_inherited):
Administrators full allow no_inheritance
Administrators full allow container_inherit+object_inherit+inherit_only
SYSTEM full allow no_inheritance
SYSTEM full allow container_inherit+object_inherit+inherit_only
c:\Windows\Logs\HomeGroup
Owner: HomeGroupProvider
DACL(protected+auto_inherited):
HomeGroupProvider full allow container_inherit+object_inherit
SYSTEM full allow container_inherit+object_inherit
Administrators full allow container_inherit+object_inherit
c:\Windows\Logs\SystemRestore
Owner: Administrators
DACL(protected):
Administrators full allow container_inherit+object_inherit
SYSTEM full allow container_inherit+object_inherit
c:\Windows\ModemLogs
Owner: Administrators
DACL(protected+auto_inherited):
NETWORK SERVICE write+read+DELETE allow no_inheritance
NETWORK SERVICE write+read+DELETE allow container_inherit+object_inherit+inherit_only
SYSTEM full allow no_inheritance
SYSTEM full allow container_inherit+object_inherit+inherit_only
Administrators full allow no_inheritance
Administrators full allow container_inherit+object_inherit+inherit_only
c:\Windows\PLA\Reports
Owner: TrustedInstaller
DACL(protected+auto_inherited):
TrustedInstaller full allow no_inheritance
TrustedInstaller full allow container_inherit+inherit_only
SYSTEM change allow no_inheritance
SYSTEM full allow container_inherit+object_inherit+inherit_only
Administrators change allow no_inheritance
Administrators full allow container_inherit+object_inherit+inherit_only
CREATOR OWNER full allow container_inherit+object_inherit+inherit_only
Performance Log Users read_execute+FILE_ADD_FILE allow container_inherit+object_inherit
c:\Windows\PLA\Rules
Owner: TrustedInstaller
DACL(protected+auto_inherited):
TrustedInstaller full allow no_inheritance
TrustedInstaller full allow container_inherit+inherit_only
SYSTEM change allow no_inheritance
SYSTEM full allow container_inherit+object_inherit+inherit_only
Administrators change allow no_inheritance
Administrators full allow container_inherit+object_inherit+inherit_only
CREATOR OWNER full allow container_inherit+object_inherit+inherit_only
Performance Log Users read_execute+FILE_ADD_FILE allow container_inherit+object_inherit
c:\Windows\PLA\System
Owner: Administrators
DACL(not_protected+auto_inherited):
SYSTEM full allow container_inherit+object_inherit
Administrators full allow container_inherit+object_inherit
pla change+FILE_DELETE_CHILD allow container_inherit+object_inherit+inherit_only
c:\Windows\PLA\Templates
Owner: TrustedInstaller
DACL(protected+auto_inherited):
TrustedInstaller full allow no_inheritance
TrustedInstaller full allow container_inherit+inherit_only
SYSTEM change allow no_inheritance
SYSTEM full allow container_inherit+object_inherit+inherit_only
Administrators change allow no_inheritance
Administrators full allow container_inherit+object_inherit+inherit_only
CREATOR OWNER full allow container_inherit+object_inherit+inherit_only
Performance Log Users read_execute+FILE_ADD_FILE allow container_inherit+object_inherit
c:\Windows\Prefetch
Owner: Administrators
DACL(protected+auto_inherited):
Administrators full allow no_inheritance
Administrators full allow container_inherit+object_inherit+inherit_only
c:\Windows\Registration
Owner: Administrators
DACL(protected+auto_inherited):
Administrators full allow object_inherit
Everyone read_execute allow object_inherit
SYSTEM full allow object_inherit
c:\Windows\Registration\CRMLog
Owner: Administrators
DACL(protected+auto_inherited):
Administrators write+read+FILE_DELETE_CHILD+WRITE_OWNER+WRITE_DAC+DELETE allow container_inherit+object_inherit
SYSTEM write+read+FILE_DELETE_CHILD+WRITE_OWNER+WRITE_DAC+DELETE allow container_inherit+object_inherit
Users read+FILE_ADD_FILE allow no_inheritance
Users write+read+DELETE allow object_inherit+inherit_only
c:\Windows\RemotePackages
Owner: Administrators
DACL(not_protected+auto_inherited):
SYSTEM full allow container_inherit+inherit_only
Administrators full allow container_inherit+inherit_only
Authenticated Users read_execute allow no_inheritance
Authenticated Users read_execute allow container_inherit+object_inherit+inherit_only
c:\Windows\rescache
Owner: TrustedInstaller
DACL(protected+auto_inherited):
TrustedInstaller full allow no_inheritance
TrustedInstaller full allow container_inherit+object_inherit+inherit_only
SYSTEM read_execute allow no_inheritance
SYSTEM read_execute allow container_inherit+object_inherit+inherit_only
Administrators read_execute allow no_inheritance
Administrators read_execute allow container_inherit+object_inherit+inherit_only
Users read_execute allow no_inheritance
Users read_execute allow container_inherit+object_inherit+inherit_only
c:\Windows\schemas\EAPHost
Owner: TrustedInstaller
DACL(protected+auto_inherited):
TrustedInstaller full allow no_inheritance
TrustedInstaller full allow container_inherit+object_inherit+inherit_only
SYSTEM read_execute allow no_inheritance
SYSTEM read_execute allow container_inherit+object_inherit+inherit_only
Administrators read_execute allow no_inheritance
Administrators read_execute allow container_inherit+object_inherit+inherit_only
Users read_execute allow no_inheritance
Users read_execute allow container_inherit+object_inherit+inherit_only
c:\Windows\schemas\EAPMethods
Owner: TrustedInstaller
DACL(protected+auto_inherited):
TrustedInstaller full allow no_inheritance
TrustedInstaller full allow container_inherit+object_inherit+inherit_only
SYSTEM read_execute allow no_inheritance
SYSTEM read_execute allow container_inherit+object_inherit+inherit_only
Administrators read_execute allow no_inheritance
Administrators read_execute allow container_inherit+object_inherit+inherit_only
Users read_execute allow no_inheritance
Users read_execute allow container_inherit+object_inherit+inherit_only
c:\Windows\schemas\TSWorkSpace
Owner: TrustedInstaller
DACL(protected+auto_inherited):
TrustedInstaller full allow no_inheritance
TrustedInstaller full allow container_inherit+object_inherit+inherit_only
SYSTEM read_execute allow no_inheritance
SYSTEM read_execute allow container_inherit+object_inherit+inherit_only
Administrators read_execute allow no_inheritance
Administrators read_execute allow container_inherit+object_inherit+inherit_only
Users read_execute allow no_inheritance
Users read_execute allow container_inherit+object_inherit+inherit_only
c:\Windows\security\audit
Owner: Administrators
DACL(protected+auto_inherited):
Administrators full allow container_inherit+object_inherit
SYSTEM full allow container_inherit+object_inherit
c:\Windows\ServiceProfiles\LocalService
Owner: Administrators
DACL(protected+auto_inherited):
SYSTEM full allow container_inherit+object_inherit
Administrators full allow container_inherit+object_inherit
LOCAL SERVICE full allow container_inherit+object_inherit
c:\Windows\ServiceProfiles\NetworkService
Owner: Administrators
DACL(protected+auto_inherited):
SYSTEM full allow container_inherit+object_inherit
Administrators full allow container_inherit+object_inherit
NETWORK SERVICE full allow container_inherit+object_inherit
c:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows Media Player NSS\3.0\Icon Files
Owner: NETWORK SERVICE
DACL(not_protected+auto_inherited):
INTERACTIVE read allow container_inherit+object_inherit
c:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows Media Player NSS\3.0\SCPD
Owner: NETWORK SERVICE
DACL(not_protected+auto_inherited):
LOCAL SERVICE read allow container_inherit+object_inherit
c:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache
Owner: NETWORK SERVICE
DACL(protected+auto_inherited):
SYSTEM full allow container_inherit+object_inherit
Administrators full allow container_inherit+object_inherit
sppsvc write+read+DELETE allow container_inherit+object_inherit
Everyone read allow container_inherit+object_inherit
c:\Windows\servicing
Owner: TrustedInstaller
DACL(protected+auto_inherited):
TrustedInstaller full allow no_inheritance
TrustedInstaller full allow container_inherit+object_inherit+inherit_only
SYSTEM read_execute allow no_inheritance
SYSTEM read_execute allow container_inherit+object_inherit+inherit_only
Administrators read_execute allow no_inheritance
Administrators read_execute allow container_inherit+object_inherit+inherit_only
Users read_execute allow no_inheritance
Users read_execute allow container_inherit+object_inherit+inherit_only
c:\Windows\servicing\Editions
Owner: TrustedInstaller
DACL(protected+auto_inherited):
TrustedInstaller full allow no_inheritance
TrustedInstaller full allow container_inherit+inherit_only
SYSTEM change allow no_inheritance
SYSTEM full allow container_inherit+object_inherit+inherit_only
Administrators change allow no_inheritance
Administrators full allow container_inherit+object_inherit+inherit_only
Users read_execute allow no_inheritance
Users read_execute allow container_inherit+object_inherit+inherit_only
CREATOR OWNER full allow container_inherit+object_inherit+inherit_only
c:\Windows\Speech\Common
Owner: TrustedInstaller
DACL(protected+auto_inherited):
TrustedInstaller full allow no_inheritance
TrustedInstaller full allow container_inherit+object_inherit+inherit_only
SYSTEM read_execute allow no_inheritance
SYSTEM read_execute allow container_inherit+object_inherit+inherit_only
Administrators read_execute allow no_inheritance
Administrators read_execute allow container_inherit+object_inherit+inherit_only
Users read_execute allow no_inheritance
Users read_execute allow container_inherit+object_inherit+inherit_only
c:\Windows\Speech\Engines\Lexicon\<LANGUAGE CODE>
Owner: TrustedInstaller
DACL(protected+auto_inherited):
TrustedInstaller full allow no_inheritance
TrustedInstaller full allow container_inherit+object_inherit+inherit_only
SYSTEM read_execute allow no_inheritance
SYSTEM read_execute allow container_inherit+object_inherit+inherit_only
Administrators read_execute allow no_inheritance
Administrators read_execute allow container_inherit+object_inherit+inherit_only
Users read_execute allow no_inheritance
Users read_execute allow container_inherit+object_inherit+inherit_only
c:\Windows\Speech\Engines\SR\<LANGUAGE CODE>
Owner: TrustedInstaller
DACL(protected+auto_inherited):
TrustedInstaller full allow no_inheritance
TrustedInstaller full allow container_inherit+object_inherit+inherit_only
SYSTEM read_execute allow no_inheritance
SYSTEM read_execute allow container_inherit+object_inherit+inherit_only
Administrators read_execute allow no_inheritance
Administrators read_execute allow container_inherit+object_inherit+inherit_only
Users read_execute allow no_inheritance
Users read_execute allow container_inherit+object_inherit+inherit_only
c:\Windows\System32\AdvancedInstallers
Owner: TrustedInstaller
DACL(protected+auto_inherited):
TrustedInstaller full allow no_inheritance
TrustedInstaller full allow container_inherit+object_inherit+inherit_only
SYSTEM read_execute allow no_inheritance
SYSTEM read_execute allow container_inherit+object_inherit+inherit_only
Administrators read_execute allow no_inheritance
Administrators read_execute allow container_inherit+object_inherit+inherit_only
Users read_execute allow no_inheritance
Users read_execute allow container_inherit+object_inherit+inherit_only
c:\Windows\System32\appmgmt
Owner: SYSTEM
DACL(pseudo_protected):
SYSTEM full allow container_inherit+object_inherit
Administrators full allow container_inherit+object_inherit
Everyone read_execute allow no_inheritance
c:\Windows\System32\appmgmt\S-1-5-18
Owner: SYSTEM
DACL(not_protected):
SYSTEM read_execute allow container_inherit+object_inherit
c:\Windows\System32\Boot
Owner: TrustedInstaller
DACL(protected+auto_inherited):
TrustedInstaller full allow no_inheritance
TrustedInstaller full allow container_inherit+object_inherit+inherit_only
SYSTEM read_execute allow no_inheritance
SYSTEM read_execute allow container_inherit+object_inherit+inherit_only
Administrators read_execute allow no_inheritance
Administrators read_execute allow container_inherit+object_inherit+inherit_only
Users read_execute allow no_inheritance
Users read_execute allow container_inherit+object_inherit+inherit_only
c:\Windows\System32\catroot
Owner: Administrators
DACL(not_protected+auto_inherited):
CryptSvc full allow no_inheritance
CryptSvc full allow container_inherit+object_inherit+inherit_only
c:\Windows\System32\catroot2
Owner: Administrators
DACL(not_protected+auto_inherited):
CryptSvc full allow no_inheritance
CryptSvc full allow container_inherit+object_inherit+inherit_only
c:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}
Owner: NETWORK SERVICE
DACL(not_protected+auto_inherited):
CryptSvc full allow container_inherit+object_inherit
Users read_execute allow container_inherit+object_inherit
Authenticated Users change allow no_inheritance
c:\Windows\System32\com\dmp
Owner: Administrators
DACL(protected+auto_inherited):
Administrators write+read+FILE_DELETE_CHILD+WRITE_OWNER+WRITE_DAC+DELETE allow container_inherit+object_inherit
CREATOR OWNER write+read+FILE_DELETE_CHILD+WRITE_OWNER+WRITE_DAC+DELETE allow container_inherit+object_inherit+inherit_only
SYSTEM write+read+FILE_DELETE_CHILD+WRITE_OWNER+WRITE_DAC+DELETE allow container_inherit+object_inherit
Users FILE_ADD_FILE+FILE_ADD_SUBDIRECTORY allow container_inherit
c:\Windows\System32\config
Owner: Administrators
DACL(protected+auto_inherited):
TrustedInstaller full allow container_inherit
SYSTEM full allow container_inherit+object_inherit
Administrators full allow container_inherit+object_inherit
CREATOR OWNER full allow container_inherit+object_inherit+inherit_only
c:\Windows\System32\config\systemprofile
Owner: Administrators
DACL(protected+auto_inherited):
SYSTEM full allow container_inherit+object_inherit
Administrators full allow container_inherit+object_inherit
c:\Windows\System32\<LANGUAGE CODE>\Licenses
Owner: TrustedInstaller
DACL(protected+auto_inherited):
TrustedInstaller full allow no_inheritance
TrustedInstaller full allow container_inherit+object_inherit+inherit_only
SYSTEM read_execute allow no_inheritance
SYSTEM read_execute allow container_inherit+object_inherit+inherit_only
Administrators read_execute allow no_inheritance
Administrators read_execute allow container_inherit+object_inherit+inherit_only
Users read_execute allow no_inheritance
Users read_execute allow container_inherit+object_inherit+inherit_only
c:\Windows\System32\DriverStore
Owner: SYSTEM
DACL(protected+auto_inherited):
SYSTEM full allow no_inheritance
SYSTEM full allow container_inherit+object_inherit+inherit_only
Everyone read_execute allow no_inheritance
Everyone read_execute allow container_inherit+object_inherit+inherit_only
c:\Windows\System32\FxsTmp
Owner: SYSTEM
DACL(protected+auto_inherited):
Users FILE_TRAVERSE deny container_inherit+object_inherit+inherit_only
Users FILE_LIST_DIRECTORY+FILE_ADD_FILE allow no_inheritance
Administrators full allow container_inherit+object_inherit
SYSTEM full allow container_inherit+object_inherit
CREATOR OWNER full allow container_inherit+object_inherit+inherit_only
c:\Windows\System32\GroupPolicy
Owner: Administrators
DACL(protected+auto_inherited):
Authenticated Users read_execute allow no_inheritance
Authenticated Users read_execute allow container_inherit+object_inherit+inherit_only
Administrators full allow no_inheritance
Administrators full allow container_inherit+object_inherit+inherit_only
SYSTEM full allow no_inheritance
SYSTEM full allow container_inherit+object_inherit+inherit_only
c:\Windows\System32\GroupPolicyUsers
Owner: Administrators
DACL(protected+auto_inherited):
Authenticated Users read_execute allow no_inheritance
Authenticated Users read_execute allow container_inherit+object_inherit+inherit_only
Administrators full allow no_inheritance
Administrators full allow container_inherit+object_inherit+inherit_only
SYSTEM full allow no_inheritance
SYSTEM full allow container_inherit+object_inherit+inherit_only
c:\Windows\System32\ias
Owner: Administrators
DACL(protected+auto_inherited):
Administrators full allow no_inheritance
Administrators full allow container_inherit+object_inherit+inherit_only
NETWORK SERVICE read_execute+write allow no_inheritance
NETWORK SERVICE read_execute+write allow container_inherit+object_inherit+inherit_only
SYSTEM full allow no_inheritance
SYSTEM full allow container_inherit+object_inherit+inherit_only
TrustedInstaller full allow no_inheritance
TrustedInstaller full allow container_inherit+object_inherit+inherit_only
c:\Windows\System32\icsxml
Owner: TrustedInstaller
DACL(protected+auto_inherited):
TrustedInstaller full allow no_inheritance
TrustedInstaller full allow container_inherit+object_inherit+inherit_only
SYSTEM read_execute allow no_inheritance
SYSTEM read_execute allow container_inherit+object_inherit+inherit_only
Administrators read_execute allow no_inheritance
Administrators read_execute allow container_inherit+object_inherit+inherit_only
Users read_execute allow no_inheritance
Users read_execute allow container_inherit+object_inherit+inherit_only
c:\Windows\System32\LogFiles\Fax\Incoming
Owner: SYSTEM
DACL(protected+auto_inherited):
Administrators full allow container_inherit+object_inherit
Fax full allow container_inherit+object_inherit
c:\Windows\System32\LogFiles\Fax\Outgoing
Owner: SYSTEM
DACL(protected+auto_inherited):
Administrators full allow container_inherit+object_inherit
Fax full allow container_inherit+object_inherit
c:\Windows\System32\LogFiles\Firewall
Owner: Administrators
DACL(protected+auto_inherited):
MpsSvc full allow object_inherit
SYSTEM full allow object_inherit
Administrators full allow object_inherit
c:\Windows\System32\LogFiles\WMI
Owner: Administrators
DACL(protected+auto_inherited):
SYSTEM full allow container_inherit+object_inherit
LOCAL SERVICE full allow container_inherit+object_inherit
NETWORK SERVICE full allow container_inherit+object_inherit
Administrators full allow container_inherit+object_inherit
Performance Log Users full allow container_inherit+object_inherit
c:\Windows\System32\LogFiles\WMI\RtBackup
Owner: Administrators
DACL(protected+auto_inherited):
SYSTEM full allow container_inherit+object_inherit
c:\Windows\System32\LogFiles\WUDF
Owner: Administrators
DACL(not_protected+auto_inherited):
wudfsvc write+read allow container_inherit+object_inherit
LOCAL SERVICE FILE_ADD_FILE+READ_CONTROL allow container_inherit+object_inherit
SYSTEM full allow container_inherit+object_inherit
Administrators full allow container_inherit+object_inherit
c:\Windows\System32\Msdtc
Owner: TrustedInstaller
DACL(protected+auto_inherited):
TrustedInstaller full allow no_inheritance
TrustedInstaller full allow container_inherit+inherit_only
SYSTEM change allow no_inheritance
SYSTEM full allow container_inherit+object_inherit+inherit_only
Administrators change allow no_inheritance
Administrators full allow container_inherit+object_inherit+inherit_only
MSDTC read_execute+write allow no_inheritance
MSDTC full allow container_inherit+object_inherit+inherit_only
KtmRm read_execute+write allow no_inheritance
KtmRm full allow container_inherit+object_inherit+inherit_only
CREATOR OWNER full allow container_inherit+object_inherit+inherit_only
c:\Windows\System32\Msdtc\Trace
Owner: TrustedInstaller
DACL(protected+auto_inherited):
TrustedInstaller full allow no_inheritance
TrustedInstaller full allow container_inherit+inherit_only
SYSTEM change+WRITE_DAC allow no_inheritance
SYSTEM full allow container_inherit+object_inherit+inherit_only
Administrators change allow no_inheritance
Administrators full allow container_inherit+object_inherit+inherit_only
MSDTC read_execute+write allow no_inheritance
MSDTC full allow container_inherit+object_inherit+inherit_only
KtmRm read_execute+write allow no_inheritance
KtmRm full allow container_inherit+object_inherit+inherit_only
CREATOR OWNER full allow container_inherit+object_inherit+inherit_only
c:\Windows\System32\NDF
Owner: Administrators
DACL(not_protected+auto_inherited):
WdiServiceHost full allow no_inheritance
WdiServiceHost full allow container_inherit+object_inherit+inherit_only
c:\Windows\System32\NetworkList
Owner: Administrators
DACL(protected+auto_inherited):
netprofm full allow container_inherit+object_inherit
SYSTEM full allow container_inherit+object_inherit
Administrators full allow container_inherit+object_inherit
c:\Windows\System32\NetworkList\Icons\StockIcons
Owner: TrustedInstaller
DACL(protected+auto_inherited):
TrustedInstaller full allow no_inheritance
TrustedInstaller full allow container_inherit+inherit_only
SYSTEM change allow no_inheritance
SYSTEM full allow container_inherit+object_inherit+inherit_only
Administrators change allow no_inheritance
Administrators full allow container_inherit+object_inherit+inherit_only
Users read_execute allow no_inheritance
Users read_execute allow container_inherit+object_inherit+inherit_only
CREATOR OWNER full allow container_inherit+object_inherit+inherit_only
c:\Windows\System32\Recovery
Owner: Administrators
DACL(not_protected+auto_inherited):
ANONYMOUS LOGON full deny no_inheritance
ANONYMOUS LOGON full deny container_inherit+object_inherit+inherit_only
NETWORK SERVICE read allow no_inheritance
NETWORK SERVICE read allow container_inherit+object_inherit+inherit_only
c:\Windows\System32\Speech\Common
Owner: TrustedInstaller
DACL(protected+auto_inherited):
TrustedInstaller full allow no_inheritance
TrustedInstaller full allow container_inherit+object_inherit+inherit_only
SYSTEM read_execute allow no_inheritance
SYSTEM read_execute allow container_inherit+object_inherit+inherit_only
Administrators read_execute allow no_inheritance
Administrators read_execute allow container_inherit+object_inherit+inherit_only
Users read_execute allow no_inheritance
Users read_execute allow container_inherit+object_inherit+inherit_only
c:\Windows\System32\Speech\Engines\SR
Owner: TrustedInstaller
DACL(protected+auto_inherited):
TrustedInstaller full allow no_inheritance
TrustedInstaller full allow container_inherit+object_inherit+inherit_only
SYSTEM read_execute allow no_inheritance
SYSTEM read_execute allow container_inherit+object_inherit+inherit_only
Administrators read_execute allow no_inheritance
Administrators read_execute allow container_inherit+object_inherit+inherit_only
Users read_execute allow no_inheritance
Users read_execute allow container_inherit+object_inherit+inherit_only
c:\Windows\System32\Speech\SpeechUX
Owner: TrustedInstaller
DACL(protected+auto_inherited):
TrustedInstaller full allow no_inheritance
TrustedInstaller full allow container_inherit+object_inherit+inherit_only
SYSTEM read_execute allow no_inheritance
SYSTEM read_execute allow container_inherit+object_inherit+inherit_only
Administrators read_execute allow no_inheritance
Administrators read_execute allow container_inherit+object_inherit+inherit_only
Users read_execute allow no_inheritance
Users read_execute allow container_inherit+object_inherit+inherit_only
c:\Windows\System32\spool\drivers
Owner: SYSTEM
DACL(protected+auto_inherited):
SYSTEM full allow no_inheritance
SYSTEM full allow container_inherit+object_inherit+inherit_only
Administrators full allow no_inheritance
Administrators full allow container_inherit+object_inherit+inherit_only
Everyone read_execute allow no_inheritance
Everyone read_execute allow container_inherit+object_inherit+inherit_only
CREATOR OWNER full allow container_inherit+object_inherit+inherit_only
c:\Windows\System32\spool\drivers\color
Owner: TrustedInstaller
DACL(protected+auto_inherited):
TrustedInstaller full allow container_inherit
SYSTEM change allow no_inheritance
SYSTEM full allow container_inherit+object_inherit+inherit_only
Administrators change allow no_inheritance
Administrators full allow container_inherit+object_inherit+inherit_only
Users read_execute+FILE_ADD_FILE allow container_inherit+object_inherit
CREATOR OWNER write+read+DELETE allow container_inherit+object_inherit+inherit_only
c:\Windows\System32\spool\PRINTERS
Owner: SYSTEM
DACL(protected+auto_inherited):
Users FILE_ADD_FILE+FILE_ADD_SUBDIRECTORY+FILE_READ_EA+FILE_READ_ATTRIBUTES allow container_inherit
Administrators write+read+FILE_DELETE_CHILD+WRITE_OWNER+WRITE_DAC+DELETE allow no_inheritance
CREATOR OWNER write+read+FILE_DELETE_CHILD+WRITE_OWNER+WRITE_DAC+DELETE allow container_inherit+object_inherit+inherit_only
SYSTEM write+read+FILE_DELETE_CHILD+WRITE_OWNER+WRITE_DAC+DELETE allow container_inherit+object_inherit
Administrators write+read+FILE_DELETE_CHILD+WRITE_OWNER+WRITE_DAC+DELETE allow container_inherit+object_inherit
c:\Windows\System32\Tasks
Owner: Administrators
DACL(protected+auto_inherited):
Administrators full allow container_inherit
Administrators write+read+WRITE_OWNER+WRITE_DAC+DELETE allow object_inherit
SYSTEM full allow container_inherit
SYSTEM write+read+WRITE_OWNER+WRITE_DAC+DELETE allow object_inherit
Authenticated Users write+READ_CONTROL allow container_inherit
NETWORK SERVICE write+READ_CONTROL allow container_inherit
LOCAL SERVICE write+READ_CONTROL allow container_inherit
CREATOR OWNER full allow container_inherit+object_inherit+inherit_only
c:\Windows\System32\Tasks\Microsoft
Owner: Administrators
DACL(protected+auto_inherited):
Administrators full allow container_inherit
Administrators write+read+WRITE_OWNER+WRITE_DAC+DELETE allow object_inherit
SYSTEM full allow container_inherit
SYSTEM write+read+WRITE_OWNER+WRITE_DAC+DELETE allow object_inherit
Authenticated Users read allow container_inherit+object_inherit
LOCAL SERVICE read allow container_inherit+object_inherit
NETWORK SERVICE read allow container_inherit+object_inherit
CREATOR OWNER full allow container_inherit+object_inherit+inherit_only
c:\Windows\System32\Tasks\Microsoft\Windows\Media Center
Owner: Administrators
DACL(not_protected+auto_inherited):
NETWORK SERVICE change+FILE_DELETE_CHILD+WRITE_DAC allow container_inherit+object_inherit
c:\Windows\System32\Tasks\Microsoft\Windows\Media Center\Extender
Owner: Administrators
DACL(pseudo_protected+auto_inherited):
Administrators full allow no_inheritance
SYSTEM full allow no_inheritance
Users read_execute allow no_inheritance
c:\Windows\System32\Tasks\Microsoft\Windows\PLA
Owner: Administrators
DACL(not_protected+auto_inherited):
SYSTEM full allow container_inherit+object_inherit
Administrators full allow container_inherit+object_inherit
Performance Log Users read_execute+FILE_ADD_FILE allow container_inherit+object_inherit
c:\Windows\System32\Tasks\Microsoft\Windows\PLA\System
Owner: Administrators
DACL(pseudo_protected+auto_inherited):
SYSTEM full allow container_inherit+object_inherit
Administrators full allow container_inherit+object_inherit
Everyone read_execute+FILE_ADD_FILE allow container_inherit+object_inherit
c:\Windows\System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update
Owner: Administrators
DACL(protected+auto_inherited):
Administrators full allow container_inherit
Administrators write+read+WRITE_OWNER+WRITE_DAC+DELETE allow object_inherit
SYSTEM full allow container_inherit
SYSTEM write+read+WRITE_OWNER+WRITE_DAC+DELETE allow object_inherit
Authenticated Users write+READ_CONTROL allow container_inherit
NETWORK SERVICE write+READ_CONTROL allow container_inherit
LOCAL SERVICE write+READ_CONTROL allow container_inherit
CREATOR OWNER full allow container_inherit+object_inherit+inherit_only
c:\Windows\System32\Tasks\Microsoft\Windows\SyncCenter
Owner: Administrators
DACL(protected+auto_inherited):
Users read_execute+FILE_ADD_SUBDIRECTORY allow no_inheritance
Administrators full allow no_inheritance
Administrators full allow container_inherit+object_inherit+inherit_only
SYSTEM full allow no_inheritance
SYSTEM full allow container_inherit+object_inherit+inherit_only
c:\Windows\System32\wbem\AutoRecover
Owner: Administrators
DACL(protected+auto_inherited):
Users read_execute allow no_inheritance
Users read_execute allow container_inherit+object_inherit+inherit_only
NETWORK SERVICE read allow no_inheritance
NETWORK SERVICE read allow container_inherit+object_inherit+inherit_only
Backup Operators write+read allow no_inheritance
Backup Operators write+read allow container_inherit+object_inherit+inherit_only
Administrators full allow no_inheritance
Administrators full allow container_inherit+object_inherit+inherit_only
SYSTEM full allow no_inheritance
SYSTEM full allow container_inherit+object_inherit+inherit_only
OWNER RIGHTS READ_CONTROL allow container_inherit+object_inherit+inherit_only
c:\Windows\System32\wbem\Logs
Owner: Administrators
DACL(protected+auto_inherited):
Users read_execute allow no_inheritance
Users read_execute allow container_inherit+object_inherit+inherit_only
NETWORK SERVICE write+read+DELETE allow no_inheritance
NETWORK SERVICE write+read+DELETE allow container_inherit+object_inherit+inherit_only
Backup Operators write+read allow no_inheritance
Backup Operators write+read allow container_inherit+object_inherit+inherit_only
Administrators full allow no_inheritance
Administrators full allow container_inherit+object_inherit+inherit_only
SYSTEM full allow no_inheritance
SYSTEM full allow container_inherit+object_inherit+inherit_only
OWNER RIGHTS READ_CONTROL allow container_inherit+object_inherit+inherit_only
c:\Windows\System32\wbem\MOF
Owner: SYSTEM
DACL(protected+auto_inherited):
Administrators full allow container_inherit+object_inherit
SYSTEM full allow container_inherit+object_inherit
c:\Windows\System32\wbem\Repository
Owner: Administrators
DACL(protected+auto_inherited):
Users read_execute allow no_inheritance
Users read_execute allow container_inherit+object_inherit+inherit_only
NETWORK SERVICE read allow no_inheritance
NETWORK SERVICE read allow container_inherit+object_inherit+inherit_only
Backup Operators write+read allow no_inheritance
Backup Operators write+read allow container_inherit+object_inherit+inherit_only
Administrators full allow no_inheritance
Administrators full allow container_inherit+object_inherit+inherit_only
SYSTEM full allow no_inheritance
SYSTEM full allow container_inherit+object_inherit+inherit_only
OWNER RIGHTS READ_CONTROL allow container_inherit+object_inherit+inherit_only
c:\Windows\System32\wdi
Owner: Administrators
DACL(protected+auto_inherited):
Guests full deny no_inheritance
Guests full deny container_inherit+object_inherit+inherit_only
ANONYMOUS LOGON full deny no_inheritance
ANONYMOUS LOGON full deny container_inherit+object_inherit+inherit_only
Administrators FILE_TRAVERSE deny object_inherit+inherit_only
Administrators full allow no_inheritance
Administrators full allow container_inherit+object_inherit+inherit_only
SYSTEM full allow no_inheritance
SYSTEM full allow container_inherit+object_inherit+inherit_only
DPS write+read+DELETE allow no_inheritance
DPS write+read+DELETE allow container_inherit+object_inherit+inherit_only
WdiServiceHost write+read+DELETE allow no_inheritance
WdiServiceHost write+read+DELETE allow container_inherit+object_inherit+inherit_only
c:\Windows\System32\wdi\perftrack\traces
Owner: SYSTEM
DACL(not_protected+auto_inherited):
WdiServiceHost write+read allow no_inheritance
WdiServiceHost write+read allow container_inherit+object_inherit+inherit_only
c:\Windows\System32\wfp
Owner: Administrators
DACL(protected+auto_inherited):
SYSTEM full allow container_inherit
SYSTEM write+read+FILE_DELETE_CHILD+WRITE_OWNER+WRITE_DAC+DELETE allow object_inherit+inherit_only
Administrators full allow container_inherit
Administrators write+read+FILE_DELETE_CHILD+WRITE_OWNER+WRITE_DAC+DELETE allow object_inherit+inherit_only
BFE write+read allow container_inherit+object_inherit
c:\Windows\System32\WindowsPowerShell\v1.0\<LANGUAGE CODE>
Owner: TrustedInstaller
DACL(protected+auto_inherited):
TrustedInstaller full allow no_inheritance
TrustedInstaller full allow container_inherit+object_inherit+inherit_only
SYSTEM read_execute allow no_inheritance
SYSTEM read_execute allow container_inherit+object_inherit+inherit_only
Administrators read_execute allow no_inheritance
Administrators read_execute allow container_inherit+object_inherit+inherit_only
Users read_execute allow no_inheritance
Users read_execute allow container_inherit+object_inherit+inherit_only
c:\Windows\System32\winevt
Owner: Administrators
DACL(protected+auto_inherited):
eventlog read_execute+write+FILE_DELETE_CHILD allow container_inherit+object_inherit
SYSTEM full allow container_inherit+object_inherit
Administrators full allow container_inherit+object_inherit
Authenticated Users read allow container_inherit
c:\Windows\System32\winevt\Logs
Owner: Administrators
DACL(protected+auto_inherited):
eventlog full allow container_inherit+object_inherit
SYSTEM full allow container_inherit+object_inherit
Administrators full allow container_inherit+object_inherit
Authenticated Users read allow container_inherit
c:\Windows\TAPI
Owner: Administrators
DACL(protected+auto_inherited):
TapiSrv full allow no_inheritance
TapiSrv full allow container_inherit+object_inherit+inherit_only
SYSTEM full allow no_inheritance
SYSTEM full allow container_inherit+object_inherit+inherit_only
Administrators full allow no_inheritance
Administrators full allow container_inherit+object_inherit+inherit_only
Users read allow no_inheritance
Users read allow container_inherit+object_inherit+inherit_only
c:\Windows\Tasks
Owner: Administrators
DACL(protected+auto_inherited):
Authenticated Users read_execute+FILE_ADD_FILE allow no_inheritance
Administrators full allow no_inheritance
Administrators full allow container_inherit+object_inherit+inherit_only
SYSTEM full allow no_inheritance
SYSTEM full allow container_inherit+object_inherit+inherit_only
Administrators full allow no_inheritance
CREATOR OWNER full allow container_inherit+object_inherit+inherit_only
c:\Windows\Temp
Owner: Administrators
DACL(protected+auto_inherited):
Users FILE_ADD_FILE+FILE_ADD_SUBDIRECTORY+FILE_TRAVERSE allow container_inherit
Administrators full allow no_inheritance
Administrators full allow container_inherit+object_inherit+inherit_only
SYSTEM full allow no_inheritance
SYSTEM full allow container_inherit+object_inherit+inherit_only
CREATOR OWNER full allow container_inherit+object_inherit+inherit_only
c:\Windows\tracing
Owner: Administrators
DACL(protected+auto_inherited):
LOCAL SERVICE read_execute+write allow no_inheritance
LOCAL SERVICE read_execute+write allow container_inherit+object_inherit+inherit_only
NETWORK SERVICE read_execute+write allow no_inheritance
NETWORK SERVICE read_execute+write allow container_inherit+object_inherit+inherit_only
SYSTEM full allow container_inherit+object_inherit
Users read_execute+write allow no_inheritance
Users read_execute+write allow container_inherit+inherit_only
Users write+read allow no_inheritance
Users write+read allow object_inherit+inherit_only
Administrators change allow no_inheritance
Administrators change allow container_inherit+inherit_only
Administrators write+read+DELETE allow no_inheritance
Administrators write+read+DELETE allow object_inherit+inherit_only
c:\Windows\Vss
Owner: Administrators
DACL(not_protected+auto_inherited):
Backup Operators full allow container_inherit+object_inherit
LOCAL SERVICE full allow container_inherit+object_inherit
NETWORK SERVICE full allow container_inherit+object_inherit
c:\Windows\winsxs
Owner: TrustedInstaller
DACL(protected+auto_inherited):
TrustedInstaller full allow container_inherit+object_inherit
Administrators read_execute allow container_inherit+object_inherit
SYSTEM read_execute allow container_inherit+object_inherit
Users read_execute allow container_inherit+object_inherit
8 Comments
Great work!
Some of my folders have owner “local services” instead of System or Administrators and are locked and access denied. Would you suggest some correction methods for these settings.
I have Windows 7 on a Sony Vaio laptop
Thank you for your time and experience
Happy holidays
Nita
Windows Server 2008 R2
c:/Windows/WinSXS/InstallTemp
SYSTEM – Full Control
AdministratorS – Full Control; except Full Control, Delete, Change Permission, Take OwnerShip
Users – Read
Owner – NT Service/TrustedInstaller
What is the command used to get this?
This is really great work, but as I would like to restore those permissions, I think I would like someway to change this list (with added domain, user names …) into sddl fomat
Did not see the “c:\Windows\System32\” in the list.
Me too! Why is this?
Hello,
thanks for the informations but, I’m wondering why the group “Users” has read and execution permissions on the C folder (and many others).
I understand that this allow a non authenticated user to read and execute files in this folder … it is obvious that a non authenticated user cannot access and execute (on my machine, any users must be authenticated inorder to start a session; … ; I’m a native french guy :-)