Location: Symbol Reference > Classes > TJwSecurityDescriptor Class > TJwSecurityDescriptor Properties
Collapse All
JWSCL Documentation
ContentsIndexHome
PreviousUpNext
TJwSecurityDescriptor Properties
TJwSecurityDescriptor Class  Legend  Public Properties  Send Feedback

The properties of the TJwSecurityDescriptor class are listed here.

Class
Public Properties
 
Name 
Description 
 
AuditACL 
AuditACL gets the auditing access control list. It returns the internal auditing access control list so do not call Free. If the audit ACL is set, it copies the SACL into a new structure, so the original list is not touched. 
 
AuditInherited 
Indicates the source of the SACL. If this flag is TRUE, the SACL has been retrieved by some default mechanism. If it is FALSE, the SACL has been explicitly specified by a user. The function stores this value in the SE_SACL_DEFAULTED flag of the SECURITY_DESCRIPTOR_CONTROL structure. If this parameter is not specified, the SE_SACL_DEFAULTED flag is cleared.
(source: http://msdn2.microsoft.com/en-us/library/aa379587.aspx)
The Control flag is only updated in a newly created SD allocated by Create_SD
 
Control 
Control defines internal security descriptor controls. Do not make write calls to it. 
 
DACL 
DACL sets or gets the discretionary access control list. The read value is the internal used DACL. So do not free it directly. Instead set the write value to nil. The write value is copied into a new DACL (using Assign) if the property OwnDACL is false otherwise the given DACL instance is used directly (using ":=").
If the write value is nil the internal list is freed and set to nil.
The following code releases an old DACL and copies an existing one into the SD. At the end there are two DACL instances that will contain the... more 
 
DACLGenericRemoved 
DACLGenericRemoved is used by TJwSecureFileObject.GetFileInheritanceSourc to decided whether the DACL's accessmask has been mapped from generic to specific rights. 
 
DACLInherited 
A flag that indicates the source of the DACL. If this flag is TRUE, the DACL has been retrieved by some default mechanism. If FALSE, the DACL has been explicitly specified by a user. The function stores this value in the SE_DACL_DEFAULTED flag of the SECURITY_DESCRIPTOR_CONTROL structure. If this parameter is not specified, the SE_DACL_DEFAULTED flag is cleared. (source: http://msdn2.microsoft.com/en-us/library/aa379583.aspx);
The Control flag is only updated in a newly created SD allocated by Create_SD
 
DACLPresent 
This property is useful to determine whether the property DACL should be considered if its value is nil. A nil DACL is considered as "allow everybody". If DACLPresent is true and DACL is nil and any of the Create_SD and Create_SA function is called, the newly created winapi security descriptor will have a NULL DACL and so allow everybody access; otherwise the SD will not have a DACL at all.
This situation is equal to a DACL with an access entry that grants GENERIC_ALL to World SID.
This property is automatically set to true if a DACL was set to... more 
 
InheritanceDACLProtection 
InheritanceDACLProtection defines whether the DACL is protected against inheritance flow or not. Use aclpForceUnprotect instead of aclpUnprotected to let flow inheritance. 
 
InheritanceSACLProtection 
InheritanceSACLProtection defines whether the SACL is protected against inheritance flow or not. Use aclpForceUnprotect instead of aclpUnprotected to let flow inheritance. 
 
InheritHandles 
InheritHandles is custom flag that defines whether handles are inherited (true) or not. This property is not used by @ClassName. However some JWSCL methods use it instead of the structure SECURITY_ATTRIBUTES. InheritHandles is used instead of the member bInheritHandle of SECURITY_ATTRIBUTES. In fact it is mapped internally into a SECURITY_ATTRIBUTES structure. 
 
OwnDACL 
OwnDACL defines whether the DACL is copied into a new instance (true) and freed at the end or points directly to the set DACL
 
Owner 
Owner sets or gets the owner of the SD. If the property OwnOwner is true and the property is set, the old Owner TJwSecurityId instance will be freed and the new owner will be copied into a new instance. So there will be two instances of this SID and the original instance is not touched and must be freed if necessary. If the property OwnOwner is false, the old Owner TJwSecurityId will not be freed and the new one will directly point to the new SID.
The following code can be used to set a newly created instance.  
 
OwnerInherited 
OwnerInherited defines whether the owner sid is inherited (true) or not (false) Indicates whether the owner information is derived from a default mechanism. If this value is TRUE, it is default information. The function stores this value as the SE_OWNER_DEFAULTED flag in the SECURITY_DESCRIPTOR_CONTROL structure. If this parameter is zero, the SE_OWNER_DEFAULTED flag is cleared. (source: http://msdn2.microsoft.com/en-us/library/aa379585.aspx)
The Control flag is only updated in a newly created SD allocated by Create_SD
 
OwnOwner 
OwnOwner defines whether the owner SID shall be freed on destruction (true) or not (false) If the property OwnOwner is true and the property Owner is set, the old Owner TJwSecurityId instance will be freed and the new owner will be copied into a new instance. So there will be two instances of this SID and the original instance is not touched and must be freed if necessary.
If the property OwnOwner is false, the old Owner TJwSecurityId will not be freed and the new one will directly point to the new SID.
See Owner for information about how to... more 
 
OwnPrimaryGroup 
OwnPrimaryGroup defines whether the group SID shall be freed on destruction (true) or not (false)
If the property OwnPrimaryGroup is true and the property is set, the old Owner TJwSecurityId instance will be freed and the new owner will be copied into a new instance. So there will be two instances of this SID and the original instance is not touched and must be freed if necessary. If the property OwnPrimaryGroup is false, the old Owner TJwSecurityId will not be freed and the new one will directly point to the new SID.
See Owner for information about how to use... more 
 
PrimaryGroup 
PrimaryGroup sets or gets the group of the SD. If the property OwnPrimaryGroup is true and the property is set, the old Owner TJwSecurityId instance will be freed and the new owner will be copied into a new instance. So there will be two instances of this SID and the original instance is not touched and must be freed if necessary. If the property OwnPrimaryGroup is false, the old Owner TJwSecurityId will not be freed and the new one will directly point to the new SID.
See Owner for information about how to use this property. 
 
PrimaryGroupInherited 
PrimaryGroupInherited defines whethere the group sid is inherited (true) or not (false)
Indicates whether the primary group information was derived from a default mechanism. If this value is TRUE, it is default information, and the function stores this value as the SE_GROUP_DEFAULTED flag in the SECURITY_DESCRIPTOR_CONTROL structure. If this parameter is zero, the SE_GROUP_DEFAULTED flag is cleared. (source: http://msdn2.microsoft.com/en-us/library/aa379584.aspx);
The Control flag is only updated in a newly created SD allocated by Create_SD
 
RMControl 
RMControl sets or gets the resource managercontrol values of the sd. Do not change them if you do not know what it means. For more information see MSDN. This value is ignored in current version. 
 
SACL 
SACL is the same as the property AuditACL. If the audit ACL is set, it copies the SACL into a new structure, so the original list is not touched. 
 
Tag 
This is Tag, a member of class TJwSecurityDescriptor. 
 
Text 
Text returns a text that descripes the security descriptor in a human readable format. 
Links
Copyright (c) 2010. All rights reserved.
This help was created by Doc-O-Matic sponsored by toolsfactory software inc.
Contents | Index | Home
What do you think about this topic? Send feedback!