Hi everyone,
We’re planning some new Windows
attributeshttp://wiki.opscode.com/display/chef/Improved+Windows+File+Security
in
the next release of Chef to take advantage of the rich permissions system
Windows offers, and wanted to get your feedback. Specifically, we plan to
add the ability to manipulate full Windows-style ACLs on file and directory
resources, and add the full range of inheritance and permission granularity
we’re used to having on Windows.
The summary:
- A new rights
attributehttp://wiki.opscode.com/display/chef/Improved+Windows+File+Security#ImprovedWindowsFileSecurity-ACLs%3Athe{{rights}}attribute,
which lets you give (or deny) rights to Windows users or group and set
attributes like inheritance. - A new inherits
attributehttp://wiki.opscode.com/display/chef/Improved+Windows+File+Security#ImprovedWindowsFileSecurity-Inheritance%3Athe{{inherits}}attribute,
which lets you turn off a file or directory inheriting permissions from its
parents - Modified the owner and group
attributeshttp://wiki.opscode.com/display/chef/Improved+Windows+File+Security#ImprovedWindowsFileSecurity-{{owner}}%2C{{user}}%2C{{group}}and{{mode}},
which now allow the full range of Windows users and groups (not just Unix
ones)
The code is sitting in the chef repository, so you can try it out.
We’d like your thoughts: what we might have missed, what you’d like to work
different, other use cases that you’d like to cover on Windows, and whether
this is worthwhile to you at all 
Please take a gander at the feature
proposalhttp://wiki.opscode.com/display/chef/Improved+Windows+File+Security
and
let us know your thoughts!
Thanks,
–John Keiser
Opscode