How to use takeown and icacls to deny access to other users?
What is the Windows equivalent to:
chown $USER
chmod 600 file
From what I understand, this requires that inherited permissions be disabled (because HOSTNAME\Users is inherited) and all groups outside of myself and Administrators be removed.
Can this operation be performed with takeown
and icacls
?
Solution 1:
Take ownership, so that the previous owner (if any) couldn't change permissions. Use takeown command to do this :
takeown /f filepath
Disable automatic inheritance:
icacls filepath /inheritance:d
Grant yourself full control:
icacls filepath /grant user:f
Finally remove everyone else:
icacls filepath /remove someotheruser
Anyone who is not listed in the ACL will be denied by default.