- /libs holds predefined system functionality
- /apps application specific
- /etc a dumpsterfire
- /tmp
I'm going off memory here, but I think the below is a good start
All authors have read access to:
- /libs
- /master
- /tmp
- /apps/[whatever their projects are]
- /content/[whatever their projects are]
- /etc [read access, unless there's good reason]
All authors have write access to:
- /apps/[whatever their projects are]
- /content/[whatever their projects are]
- /etc/designs/[whatever their projects are]
- /etc/tags/[whatever their projects are]
Approver (super) authors are able to write to:
- /etc/designs/[whatever their projects are]
Developers should have super author access, plus read/write access to:
- /conf
- /etc/workflow/instances
Compiled JSPs /var/classes/org/apache/jsp/apps Site Admin panels /libs/wcm/core/content/siteadmin Workflow instances /etc/workflow/instances