windows ファイル権限
Windows ACL
icacls
省略形
icacls [file] /grant
詳細
icacls <FileName> [/grant[:r] <Sid>:<Perm>[...]] [/deny <Sid>:<Perm>[...]] [/remove[:g|:d]] <Sid>[...]] [/t] [/c] [/l] [/q] [/setintegritylevel <Level>:<Policy>[...]]
icacls <Directory> [/substitute <SidOld> <SidNew> [...]] [/restore <ACLfile> [/c] [/l] [/q]]
権限
Perm is a permission mask that can be specified in one of the following forms: A sequence of simple rights: F (full access) M (modify access) RX (read and execute access) R (read-only access) W (write-only access) A comma-separated list in parenthesis of specific rights: D (delete) RC (read control) WDAC (write DAC) WO (write owner) S (synchronize) AS (access system security) MA (maximum allowed) GR (generic read) GW (generic write) GE (generic execute) GA (generic all) RD (read data/list directory) WD (write data/add file) AD (append data/add subdirectory) REA (read extended attributes) WEA (write extended attributes) X (execute/traverse) DC (delete child) RA (read attributes) WA (write attributes) Inheritance rights may precede either Perm form, and they are applied only to directories: (OI): object inherit (CI): container inherit (IO): inherit only (NP): do not propagate inherit
参考
https://technet.microsoft.com/ja-jp/library/cc753525(v=ws.10).aspx