|
Access-Control Lists (ACLs)
An access-control list (ACL) contains information that controls access to an
object or controls auditing of attempts to access an object. An ACL is an opaque
structure that you can attach to the security descriptor of an object.
An ACL begins with a header in the form of an ACL structure. The header contains information pertaining to the entire ACL,
including the revision level of the structure, the size (in bytes) of the ACL, and
the number of access-control entries (ACEs) in the list. To retrieve this
information, you can use the GetAclInformation function. To change the revision level, you can use the SetAclInformation function.
Following the ACL header is a list of access-control entries (ACEs). Each ACE specifies a trustee, a set of access rights, and a set of flags
that indicate whether the rights are allowed, denied, or audited for the trustee.
A trustee can be a user account, group account, or a logon account for a
program such as a Windows NT service.
Security descriptors use access-control lists to allow, deny, or audit attempts to access the
object to which the security descriptor is attached. A security descriptor can
contain two types of ACLs: a discretionary ACL (DACL) and a system ACL (SACL).
In a DACL, each ACE specifies the types of access that are allowed or denied
for a specified trustee. An object's owner controls the information in the
object's DACL. For example, the owner of a file can use a DACL to control which
users can have access to the file, and which users are denied access.
If the security descriptor for an object does not have a DACL, the object is
not protected and the system allows all attempts to access the object. However,
if an object has a DACL that contains no ACEs, the DACL does not grant any access rights. In this case, the system denies all attempts to access the object. For
information about setting an object's DACL, see Allowing Access.
In a SACL, each ACE specifies the types of access attempts by a specified
trustee that cause the system to generate audit records in the system event log. A
system administrator controls the information in the object's SACL. An ACE in a
SACL can generate audit records when an access attempt fails, when it
succeeds, or both. In future releases, a SACL will also be able to raise an alarm when
an unauthorized user attempts to gain access to an object.
| Last news from Greatis Software |
 |
|
Nostalgia .Net |
|
.Net is powerful, but not all-powerful, so sometimes we need to use Win32 API for our .Net applications. It's simple enough with Platform Invoke if you have Win32 skill, but we do not always have time to dig the ancient documentation, declare the special types that are compatible with Win32, find the values of the Win32's constants and so on. Nostalgia .Net offers several simple-to-use classes, and components that will allow you to forget about the headache of Win32 and just use the power of Win32 in your application the same way as you use the native. Net classes. More » |
| Recommended software for developers |
 |
|
Ultimate Pack |
|
Component pack for Delphi and C++ Builder that contains runtime form designer, runtime object inspector, print suite and much more for the very special price. More » |
 |
|
Form Designer .Net |
|
Unique runtime form design solution that allows to edit any form in .Net WinForms application at runtime with full source codes for only 300 euro! More » |
 |
|
Print Suite .Net |
|
Print Suite .Net is a set of components for easy printing texts, images and grids from your WinForms applications. Full C# source codes are available More » |
 |
|
Gradient Controls .Net |
|
Gradient Controls .Net offers controls with gradient background feature. Labels, panels and so on... Full C# source codes are available More » |
 |
|
Greatis iGrid |
|
iGrid plots drawing grid right over your desktop, so you can use it everywhere, with any drawing application without any special plugins for different graphic editors. More » |
All the contacts and projectsDmitry Vasiliev (just.dmitry)
Related LinksSoftware for Visual Studio .NET developers
Software for Delphi and C++ Builder developers
Software for Visual Basic 6 developers
Delphi Tips&Tricks
MegaDetailed.NET More Online Helps Win32 Programmer's Reference
Win32 Multimedia Programmer's Reference
OLE Programmer's Reference
Microsoft Windows Pen API Programmer's Reference
Microsoft Windows Sockets 2 Reference
Microsoft Windows Telephony API (TAPI) Programmer's Reference
Unix Manual Pages
|
