Let me start by saying, this is more of a complaint, directed at Microsoft, then a question.
I got a request from a user; they would like to have folder permission such that a group of people can view and edit existing files, but they cannot add or delete files. To me that seems like a reasonable, albeit somewhat uncommon, request.
As far as I can tell, this cannot be done, with NTFS permissions as they are today. I can prevent them from deleting files/folders, but I can't grant them the ability to modify files AND not be able to create files.
These are the permissions that relate the most to that last part;
Create Files/Write Data: The Create Files permission allows users to create files within the folder. (This permission applies to folders only.) The Write Data permission allows users to make changes to the file and overwrite existing content.
(This permission applies to files only.)
Create Folders/Append Data: This Create Folders permission allows users to create folders within a folder. (This applies to folders only.) The Append Data permission allows users to make changes to the end of the file, but they can't change,
delete, or overwrite existing data. (This applies to files only.)
The problem for me, in this particular situation is; the "create files/write data" are combined as a single permission that can be granted, or not. Those two should be separated.
NTFS has been around for a long time, I would think something like this would have been addresses after this many years.