1. Home
  2. Windows

How To Take Ownership And Grant Permissions To Access Files & Folders In Windows 8

Like its predecessors, Windows 8 imposes strict access permissions on system-wide locations, folders and files. These access permissions restrict unauthorized users (including clients on network, and standard and guest users on local PC), and external sources (malicious scripts, viruses, malwares etc), from accessing core system folders and files. You may know that, when a malicious script attacks a system, it attempts to gain admin or root access to the system to exploit security vulnerabilities. In contrast to previous Windows versions, Windows 8 comes with an enhanced, and robust Advanced Security Settings, making it difficult for a novice users to gain complete control over the system locations, folders and files.

The file permission is a pre-defined rule that is associated with numerous system objects/users, preventing unauthenticated objects from taking full control over the system files. These file access rules help Windows check if a user or system object can gain special file access and write permission of a file. Additionally, the file access rules are defined by Windows, and can only be changed by PC administrators. The process of taking ownership of system files and changing access permission of system files is quite complicated, as it requires inheriting user objects or replacing default owner (TrustedInstaller object) with a specific PC user. In this post, we bring you step-by-step instructions for gaining full control over Windows 8 system files.

The system-wide locations, including Windows and System32 folder, don’t allow administrators to modify the system dynamic link libraries, executables, and other files. However, you can change the permissions for system files by tweaking Advance Security Settings. For instance, you want to edit and rename Windows 8 Theme DLL file namely uxtheme.dll. The first step for modifying the file content is to gain full file access and write permissions from system user object (TrustedInstaller), which has complete control over all system data.

To begin, move to location where system file that you want to modify, is residing. You will notice that Windows 8 denies all type of write access to the system file, and shows File Access Denied dialog when you attempt to modify, delete and rename the file.

1

Before you begin, make sure that you have administrative privileges to change the file access permissions, as standard user account holders can’t change the ownership of system files. Just right-click the file whose access permissions are to be changed, and then, select Properties. Now, move to Security tab, and select Administrators (<your user account name>\Administrators) from Permissions box to view the current file access permissions.

By default, users from Administrators group can only read and execute the file, and they don’t have permission to modify and write to file. To gain full file write access, click Advanced, present underneath the permissions box.

2-3

This will open Advanced Security Settings dialog of file, showing all the permission entries, Owner’s name, etc., with an option to change the file access permissions of selected user. First, off, change the owner by clicking Change. It will open Select User or Group dialog for selecting the new owner of the file. Instead of entering the name of owner, you can use the Advanced option to select the user from list. For this, click Advanced button.

4.png

In Advanced mode, you can search all the available users by clicking Find Now. It shows users and system objects in the list at the bottom, letting you select user/group to give ownership of the file. If you for instance want to give full file write and access permission to user who belongs to Administrators group, select Administrators and hit OK. Similarly, you can add more users by adding Users group from the list.

5.png

Once Administrators group is added, click OK to close the Select User or Group window.

6

Upon click, it will change the ownership of the file. Now, you need to add a specific Auditing entry for Administrators group to modify the file permissions (read, execute, write, modify etc). Just head over to Auditing tab, and click Add.

7

It will open Select User or Group dialog, allowing you to add a user object for inserting it into auditing entries list. You can either manually enter the name of user (who belongs to Administrators group) or click Advanced to select the user from the list.

8

Once you add the Administrator to auditing entries, it opens a Auditing Entry dialog to let you specify the file permissions. You can click Show advanced permissions to view and enable all file-related access permissions including traverse folder/execute file, read attributes, read extended attributes, create files/write data, write attributes, delete, read permissions, change permissions, take ownership and more. In order to gain complete control over file, select Success from Type drop-down menu, and enable Full control and hit OK.

9.png

This will define the file permissions for selected user. Now, click Apply followed by OK to make changes to file access permissions.

10

Upon click, Windows Security dialog shows up, confirming the changes made to file security and permission settings. Click OK and then close both Advance Security Settings and file Properties dialog.

11

Now, all you need is to open the file Properties dialog, head over Security tab and hit Edit. You will notice that it now allows you to change the file access permissions for all users who belong to Administrators group. Select the user from the list, and under Allow field, check Full control checkbox to gain full file access permissions.

12.png

Now, click Apply, a dialog will pop-up confirming the action. Hit Yes to allow full file access control for selected file.

13

Once file permissions have been gained, you will be able to modify file content, rename it, delete and change file’s extension. However, changing default file security settings will leave system files vulnerable to external attacks. So, it’s advised to restore the original file access settings after making required changes.

14


We also tried using Rizone Take Ownership Extension (an application for Windows 7 that integrates with Windows right-click context menu to quickly take ownership of files and folders) on Windows 8 system files, but it failed to gain special permission for writing and modifying system files. If you have tried any alternative that has worked, let us know in the comments.

Leave a comment