On NSS, NTFS, and SharePoint, it is possible to define customized permissions. For example, you can create a directory in which users can create files even though they have no permission to view them afterward.
Customized permissions do not apply to Filr.
The NSS, NTFS, and SharePoint requirements set forth in Table 4-2, Table 4-3, and Table 4-4 are very rigid.
If any permissions are missing for a given role, Filr defaults to a more restrictive role.
For NSS, the permissions must all be available as either user/group rights or container rights because, unlike the NSS file system, Filr doesn’t combine the two (see Section 4.8, Filr Roles and NSS File System Rights Might Not Match).
Additionally, if each and every permission required for the Viewer role is not present, then Filr grants no role to the user, as illustrated in the following sections.
Figure 4-6 shows that if the NSS write right is missing, the user can only function as a viewer, even though all of the other Contributor-level rights are present.
Figure 4-6 Missing Write right limits to only Viewer role
Figure 4-7 shows that for NTFS, if the Read & Execute privilege is missing, the user has no Net folder role, even though all of the other permissions are present.
Figure 4-7 Missing Read & Execute privilege prevents access through Filr
Figure 4-8 shows that, for SharePoint, if the Browse User Information privilege is missing, the user has no Net folder role, even though all of the other permissions are present.
Figure 4-8 Missing Browse User Information permission prevents access through Filr