To secure your system, GlobalSCAPE recommends that you create a user account for EFT Server and grant restrictive permissions to that user account. When you are assigning permissions to individual folders or directories in Windows NT, you may want to reference the following rules. These rules differ somewhat from the VFS rules that govern EFT Server permissions.
The rules below determine the permissions that are ultimately granted to a user in Windows NT:
Explicit denial: All users
or groups assigned "No Access" have no access
If the user or a group that the user is in has been assigned "No
Access," that user is explicitly prohibited from using the file,
folder, or drive. No other permissions will change this.
Cumulative permissions:
Permissions are combined when a user is not explicitly denied access
If the user is not explicitly denied access, the user's permissions
are combined. For example, if user Cal is given read and write permissions
for Folder1, and Cal is also in a group that is given execute permissions
for that folder, then Cal will be able to read, write, and execute files
in Folder1.
Implicit denial: A user
or group that has never been granted any access at all will not be given
access
If the user or a group containing the user is not granted any permissions,
that user or group will be denied access. Access must be specifically
granted.