The Win32 Access Control List (ACL) APIs Programming |
|
|
|
HOME
|
Note: Some code sample may need to be
tested in the domain-based, active directory environment, private or public
in order to see the 'real' output samples. Ask your lab's instructor to
use the appropriate lab. This tutorial exposes some part of the Windows
'security' implementation.What do we have in this session?
Access ControlAccess Control ModelAccess Control ComponentsSecurity DescriptorsSecurable ObjectsAccess Control Entries (ACEs)Object-specific ACEsTrusteesACCESS_MASK Data TypeAccess Mask formatGeneric Access RightsStandard Access RightsSACL Access RightDirectory Services Access RightsHow Security Descriptors are Set on New Directory ObjectsDefault Security DescriptorInteraction Between Threads and Securable ObjectsDACLs and ACEsHow DACLs Control Access to an ObjectOrder of ACEs in a DACLACEs to Control Access to an Object's PropertiesNull DACLs and Empty DACLsAllowing Anonymous AccessSecurity Descriptor Definition Language (SDDL)Security Descriptor String FormatSecurity Descriptor String ExamplesString 1 exampleString 2 exampleThe ACE String DescriptionMore on SID Components
Running with Special PrivilegesRunning with Administrator PrivilegesAsking the User for CredentialsAcquiring user credentialsChanging Privileges in a TokenEnabling and Disabling PrivilegesPrivilege ConstantsSACL Access RightAuditing Access To Private ObjectsLow-level Access ControlLow-level Security Descriptor FunctionsLow-level Security Descriptor CreationAbsolute and Self-Relative Security DescriptorsLow-level ACL and ACE FunctionsImpersonationAccess Tokens for ImpersonationClient ImpersonationImpersonation LevelsSetting the Impersonation LevelRegistry Key Security and Access Rights |
|
|
< Win32 Network Management APIs | Win32 Programming | Win32 Access Control List (ACL) 1 > |