Sharing allows resources to be designated as being available to all users over a network. When a folder is shared, users can log into the folder from across the network and access the files within, as though the folder were located on the hard drive of the computer they are currently using.
In order to increase network security, permissions can be applied to these resources to limit the actions that users can perform on them.
Once a folder is shared, users who have permission to it can access all the files and folders contained within.
Folders are shared so that users can access applications, data, and user home folders over the network.
Using shared folders is the only way to ensure the security of network resources in a FAT volume.
Permissions may be applied to folders, and control the use of resource by a given user. In FAT, there are four different permissions:
Permissions granted to the user will not take effect until the next time he or she logs in (meaning that this system is non-dynamic). Note that by default, "Full Control" permission is granted to the user group "Everyone." Therefore, before doing anything else, this group and its associated permissions must be deleted. Likewise, NEVER give "No Access" permission to the "Everyone" group, since the Administrator is part of this group. Your computer will be completely inaccessible and the only solution will be to reinstall Windows NT.
These two examples are a perfect illustration of security holes in Windows NT 4.0.
A user can have permissions attributed to him or her directly, or as a member of a group. Sometimes, a user may even be part of several groups that have different permissions on the same shared folder. Here is how these permissions are handled: