NetWare 4.1/9000 Concepts
1-211
NetWare Glossary
T
A trustee through inheritance is an object that has a trustee assignment to a
directory, file, or object higher in the structure and inherits rights for the
current directory, file, or object.
Hole in the tree. A trustee assignment for a file or directory always allows
the user to see the path to the root directory of the volume. A trustee
assignment for an object, however, does not automatically show the user the
directory tree to the root.
This security feature prevents a user who has rights in one branch of the tree
from jumping over a place where the user does not have rights and browsing
through the entire tree.
The Supervisor right, which can't be blocked by an Inherited Rights Filter on
a file or directory, can be blocked by the Inherited Rights Filter for an object,
either for object or property rights.
Use caution when blocking the Supervisor right to objects. If you delete the
only object that has the Supervisor right to part of the tree and the Inherited
Rights Filter blocks others from inheriting the Supervisor object right, that
part of the tree is cut off.
To make trustee assignments for a directory or file, an object must be a
trustee of that directory or file with the Access Control right.
To make a trustee assignment for an object, an object must be a trustee of
that object with the Write or Add Self right to the object’s ACL property.
To grant or modify a trustee assignment for either directories, files, or
objects, use “FILER”, “NETADMIN”, “NetWare Administrator,” or
“RIGHTS” (Utilities Reference).
See also “Inherited Rights Filter, file system”; “Inherited Rights Filter, NDS
object”; “Security”; “Trustee database.”