I agree that ntfs is a poor file system choice for windows, unless your intention is to physically share the drive with a windows machine. But you can select the permissions of a mounted ntfs filesystem using the "uid", "gid", "fmask" and "umask" mount options. Be sure to include the "x" permission of directories to allow them to be entered. I would clear the "x" permission bit of all files. Also consider "noexec,nosuid" for all mass storage drives regardless of the filesystem. Keep in mind that these permissions are for the entire filesystem. So you may need to partition and reformat the drive to do this and still use ntfs.
If you are sharing this drive, using samba, to people on the network, then you can use samba's controls on which users may access which shares. Here it is the samba permissions denying access. But a user needs permission to access the filesystem before samba can grant permission. Samba can add further restrictions.
Please see the man pages for mount and mount.ntfs for more options.
Last edited by jschiwal; 07-28-2009 at 03:11 PM.