Basic security question

K

keithr

New member
Member
Local time
3:10 PM
Messages
48
Hi all,

My Win7 desktop has admin plus user accounts for myself (Keith) and wife (Jean). The HDD is partitioned with all progs on C: and data on D:

I recently lost a file and dont remember deleting it, so thought I would check if it were possible for Jean to delete it. (Yes I have backup, so was able to restore it).

I was under the impression that any file that I originated and saved within D: would be safe from accidental deletion by Jean, but have just proved to myself that under her login, she can delete files without UAC asking for the admin password. How do I set things up so that my files will be protected from accidental deletion by Jean? I am quite happy for her to view any file.
 

My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
Custom Build
OS
Windows 7 Home Premium 64 bit
From the Admin acount, under the file or folder Properties box, on Security tab, Edit the secondary account's Permissions to dis-allow Full Control. I don't think with Modfy or Read-Execute, Read or Write the account holder can Delete the file but you may need to test to be sure.
 
gregrocker said:
From the Admin acount, under the file or folder Properties box, on Security tab, Edit the secondary account's Permissions to dis-allow Full Control. I don't think with Modfy or Read-Execute, Read or Write the account holder can Delete the file but you may need to test to be sure.
Click to expand...


Hi gregrocker
Looking at my D: drive security tab, I see:
Authenticated users
SYSTEM
Administrators (Keith-PC\Administrators)
Users (Keith-PC\Users)

Which I find confusing since I expected to see users Keith & Jean listed separately. By "secondary accounts permissions" are you referring to user account Jean which I dont see?

Please explain whats the difference between Authenticated users and Users (Keith-PC\Users)?
 

My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
Custom Build
OS
Windows 7 Home Premium 64 bit
Hello Keith,

If you like, you should be able to add the other user accounts that you don't want to have full access, and set their permissions to say allow "Read & execute" only, and deny "Modify" and "Write".

http://www.sevenforums.com/tutorials/122666-permissions-allow-deny-users-groups.html

Be sure to NOT "deny" "everyone" or everything. If you do, you'll find that you denied yourself as well.

Hope this helps, :)
Shawn
 

My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
Self built custom
OS
64-bit Windows 11 Pro for Workstations
CPU
Intel i7-8700K OC'd to 5 GHz
Motherboard
ASUS ROG Maximus XI Formula Z390
Memory
64 GB (4x16GB) G.SKILL TridentZ RGB DDR4 3600 MHz
Graphics Card(s)
ASUS ROG-STRIX-GTX1080TI-O11G-GAMING
Sound Card
Integrated
Monitor(s) Displays
2 x Samsung Odyssey G7 27"
Screen Resolution
2560x1440
Hard Drives
1TB Samsung 990 PRO M.2,
4TB Samsung 990 PRO PRO M.2,
TerraMaster F8 SSD Plus NAS
PSU
Seasonic Prime Titanium 850W
Case
Thermaltake Core P3
Cooling
Corsair Hydro H115i
Keyboard
Logitech wireless K800
Mouse
Logitech MX Master 4
Internet Speed
2 Gb/s Download and 100 Mb/s Upload
Antivirus
Malwarebyte Anti-Malware Premium
Browser
Google Chrome
Other Info
Logitech Z625 speaker system,
Logitech BRIO 4K Pro webcam,
HP Color LaserJet Pro MFP M477fdn,
APC SMART-UPS RT 1000 XL - SURT1000XLI,
Galaxy S23 Plus phone
You must log in or register to reply here.
Back
Top