|
A few drinks tonight so pardon the clarity...
Windows networking has two levels of permissions: share and file level. The first, your #1, is the share level permission. This permission is the first "gatekeeper" that overrides all others. Thus, if you want to give someone Write access to a file, you _have_ to give that permission in the share. For almost all cases, you can give Full Control to Everyone in a share. If you give Read access to the share but Full Control to the file, you'll only have Read access because of the share permission.
The NTFS permissions at the file level will dictate what you can do with the files. Thus, you can give Full Control to the share yet Read-only on the file and Read-only is the resultant permission.
From a simplicity standpoint, you can give Full Control on the share and assign the exact permission you want on the files. If you like, use Authenticated Users instead of Everyone.
Lastly, your firewall will protect you because by default it doesn't allow access to the shares. Thus, you can create shares for you LAN but as long as you have a tight firewall you have nothing to worry about from the 'net.
__________________
How you do anything is how you do everything.
|