COMMAND                                            SOURCE: 


  Win NT Server 3.5, 3.51, and 4.0


    According to MS KB  Article ID: Q142017 if  a domain user logs  on
    at  the  server  console,  creates  a  file,  and then removes all
    permissions from the file, no one except that user should be  able
    to manipulate or  delete that file.  However, another domain  user
    can log on at the server console and delete the file, even  though
    the user does not have permission to do so.

    UserA and  UserB are  domain users  only. They  have permission to
    log on  locally, and  there is  a directory  on the  server called
    Testdir.  Everyone has full  control of the directory. UserA  logs
    on and creates a file called My.txt in the Testdir directory.  She
    then removes all permissions from  the file. A message appears  to
    tell her that because she  removed all permissions, no one  except
    her will be able to do anything with the file.

    UserA logs off and  UserB logs on. He  sees My.txt in the  Testdir
    directory. All the security options in File Manager are greyed out
    with regard to My.txt. He  is unable to change permissions  on the
    file or take ownership of the file. This is expected behavior.  If
    he tries to rename  the file, open it  in Notepad, or type  it out
    at a  prompt, he  gets an  Access Denied  message. However, he can
    delete the file with no problem.




    Nothing for now.