Prevent deletion of a folder

[gbhall]

In XP I know where to find all the properties of a folder, but there is no 'delete inhibit' flag such as I am used to seeing in a server OS.

The consequence is it is possible to delete files and folders by accident, simply by failing to notice the wrong place is holding the focus.

No, the files ard folders are not in the recycle bin, because (in this case) it is a temporary folder with files waiting to be archived or otherwise dealt with, and I habitually hold down the shift key when deleting from this folder. They are truly gone.....

It would save me embarassing myself if I at least got a warning before deleting an entire tree.

 

[ravisunny2]

Never tried these, but might be worth looking into.

There’s a program for locking My Lockbox

http://fspro.net/my-lockbox/

But that will probably prevent any modifications/editing of the folder.

One round about way could be to modify the Right-Click Context Menu.

http://www.ehow.com/how_4498929_rightclick-context-menu-windows-xp.html

 

[tweakboy]

My cousin had your issue lunchbox I mean lockbox did the trick. thx gl,

 

[gbhall]

I've failed to find any lockbox application for windows other than a secure transfer methodology. It is also mentioned in post#2, which gives a link implying that it is a form of password protection i.e. prevents access at all without the password. Not as simple as just a 'not deletable' flag, and possibly not quite suitable, but I will give it a try.

Meanwhile, do you have any additional pointers as to how it would fit my need ?

Thanks to both

 

[ravisunny2]

gbhall, the second part of my post was to consider overriding the standard Delete option of windows.

That involves a modification of the Registry.

If you are the only person who uses the pc, you could write your own application that can handle File/Folder deletion in a customized fashion.

 

[DelJo63]

I'm sure you know that the Delete property can be uniquely set in the Security options for both the Folder and/or Files. Create, Modify would still be allowed.

 

[ravisunny2]

No I didn't, jobeard, as I never needed to use it.

I assumed that gbhall had explored all possibilities.

Thanks.

 

[gbhall]

I'm sure you know that the Delete property can be uniquely set in the Security options for both the Folder and/or Files. Create, Modify would still be allowed.

I found under the folder properties, security tab, advanced options, there are various users, and there are an abbreviated list of permissions, none of which is 'delete'.

There are complex interactions between these permissions, such that for example click deny for 'full control' switches them all to 'deny' and so on.

There is yet another 'advanced' button on there such that you still see the users, but can edit the permissions with a longer list of permissions, one of which is delete

But again there are odd interactions with other permissions, and I can find no way to simply set a folder not deletable, let alone with the contents still deletable. It is possible to set delete as 'deny' but it has no effect whatever, despite 'deny overrules allow' (yeah!!??)

The whole thing seems to have been designed by Einstein in one of his crazier moments, is not remotely usable, and I give up totally on trying to set a property which is a simple single click in (say) Novell. If someone claims that with various on/off settings, plus other switches, it is possible to do that, I am prepared to believe it, but life is too short to work out how to do it.

 

[DelJo63]

right-click on folder->Properties->Security

in the top have are a list of users, the bottom have shows the perms for the user selected above.

to enforce what you want, you need first to add the <Everyone> user

then for that user;
click the Advanced button near the bottom half
you get another window Adv Security Settings with the list of users sigh

select the Everyone name
click Edit

click FULL control and then DENY delete.

I would then uncheck in the Allow column
{Read,change} Perms and Take Ownership

click ok and then

[x] the inherit box

Yes; this is difficult! BTW: setting <everyone> deny delete includes the owner of the folder too!!! ie everyone means exactly that; everyone

NoW if you can create a GROUP and put specific users into it, then use the GROUP name instead of the <everyone> and then the Owner/Admin will not be so restricted.

 

[gbhall]

Jobeard - since I followed your instructions and created a user Everyone, it still does not prevent delete by me (Admin user). I guess the user Everyone is not connected to any system object - it is just a user like 'JoeBloggs'. Maybe there is some secret process to ensure that myself, as a user, inherits the rights of Everyone (OS object). Can you spot what I am doing wrong? Is it omitting the <> around Everyone?

 

[DelJo63]

my my. I reported what I read on the issue of using DENY privileges.
The warning was you could create a situation where conflicts across Names would be resolved in favor of the DENY[a].

The DENY Delete should be applied to the FOLDER & Contents.
From the Advanced Button ->second popup
you can see the headings

Type, Name Perm, Inherited From​

The last column for <everyone> should read <not inherited>
When I edit everyone and [x] deny delete, I get a popup (when clicking APPLY)
that states [a].

 

[gbhall]

Puzzle upon puzzle - that is exactly what I see....delete is denied, inherit reads <not inherited> but I can still delete the folder. I also did the same for myself as a user, and myself as an administrator - all exactly the same. At no time did I get the popup you mention though. What a crock of <opinion deleted>

Jobeard, thank you for your efforts, but I still don't get it.

Lockbox, on the other hand, I've tried that, and it makes the folder invisible. Can't be much more <undeletable> than that, but once the password is used to unlock it, it is just as deletable as before. So not real answer yet.

 

[DelJo63]

sheez; sorry for the waste of time. There are times I just HATE MS!

 

[ravisunny2]

gbhall, as mentioned above, you could modify the Right-Click Context Menu.

http://www.ehow.com/how_4498929_righ...indows-xp.html

Also, if you are the only person who uses the pc, you could write your own application that can handle File/Folder deletion in a customized fashion.

 

[gbhall]

gbhall, as mentioned above, you could modify the Right-Click Context Menu.

http://www.ehow.com/how_4498929_righ...indows-xp.html

Also, if you are the only person who uses the pc, you could write your own application that can handle File/Folder deletion in a customized fashion.

I bow to your expertise in the possibility of rolling my own right-click menu. It would of course have to only apply to selected directories, and would have to inherit downwards without affecting contained files.

Quite a requirement perhaps? On top of which, I might be a very expert programmer in one language (visual foxpro), and less expert in several other languages, but not at all in C++ or windows scripting and don't know or care anything about Windows internal calls and procedures. Sorry, just not practical I suspect.

 

[DelJo63]

hmm; for a single user system, I would think that good user practice would not encounter this problem, and if done accidentally, a backup plan would be sufficient.

For a multi-user system or for file-shares that need all user r/w and still disallow delete, the programming solution has a practical problem: How to inhibit the existing delete capability for ALL USERS and enforce the use of this special purpose program?

 

[gbhall]

Jobeard - your point about good user practice and how did anyone as long-term as myself manage to do that? Accidents happen to all of us.....I have a very regular multi-level backup, but not (until now) including certain folders, because they are purely working folders and never contain significant data (except for possibly a day or so, during which (sod's law) I had the careless accident :dead

It has been a learning experience on several levels, and only reinforces what one knows, but does not fully attend to - that no matter how good a system or how experienced a user, accidents happen. I've seen it, done it, and the important thing to do is try to imagine every conceivable eventuality when you design a system for long-term security. That seems easy, but it ain't.

Good example the other day at work. A drive filled (600Gb !!) My own application detected the problem but could not write an error message about it (drive was full ) so I had to re-write the error routines to signal to another place.

Problem down to MS (when is it not ?) and their poor systems that fill 5000 % of the space required by the actual data just with logs. Damme! you don't even know it, although to be fair, you do get warnings from the server when down to about 6Gb spare, but you can't be expected to guess that will fill in a couple of days....well, 3 years data on the previous system occupies less than that !!