Permissions
At the outset a Livelink system represents some vestiges of a File System like Unix or Dos.People having worked in that is probably familiar with the term U G O which stood for User,Group,Others.This is what you see in the std permission bit of an object on its ACL. Every object has one ,many times you set the container object right and let the inheritance trickle in.In many places if you set it right you can forget it.But if you install livelink Out of the Box and has no training or nobody to watch it over you are probably going to end up in rogue territory.This is because the user ‘Admin’ and ‘Default Group’ has very high permission bits set.Out of which the owner is a role,so if you start a folder where Admin did not willfully do the permissions set normalization and if you gave ‘Appu’ creation privileges for folder when ‘Appu’ creates objects he becomes owner who is very powerful and so on.Now this could be argued as not a big problem until it runs amok.So what a good permission model is Owner See,See Contents or Nothing,Group See,SC or Nothing and PA,S,SC or nothing.Now you will create administrative groups something simlilar to these discussions and you will be fine.
Always rely on proper groups that you can create and maintain in a directory service (AD is very common) and have those groups synchronized in.It is quite possible that HR systems release feeds into Directory services hence when users leave your organization they will go as well.There will be no permission problems because the real administrative group has overriding permissions that the owner based approach.Simple try it and you will be happy and 50 % of your help desk tickets will come down.
This is what one hears in OpenText engagements as “Community Modelling” well my next part will cover object truth tables as well.
Permissions bit use BitWise logic in FileSystems as well as livelink does recently a programmer told me he finds the awesome bitwise logic un understandable.I just thought wow where is the programming world heading into 🙂
There is nothing wrong in owner having high permissions so long as the administration is willing to support it and understand it.
Security Clearance and Supplemental Markings are OT’s way of securing against inheritance rules in big hush hush organizations.
Appukili's Weblog 
The other thing to think about is Internal v External users, even if initially you are internal only, its easier to create an ALL INTERNAL USERS group and use that in place of the PUBLIC ACCESS that it is to unpick it all when you allow external users in.
Yes in many places I create a massive group called ORG-ALL,then subdivide it to ORG-EMP,ORG-CONTRACTORS,then if you nest all your other groups into ORG-EMP,ORG-CONTRACTORS then we can create a company wide link to say something .Just like PA