Location: Symbol Reference > Classes > TJwComProcessSecurity Class > TJwComProcessSecurity Methods > TJwComProcessSecurity.CreateMinimumCOMSecurityDescriptor Method
JWSCL Documentation
TJwComProcessSecurity.CreateMinimumCOMSecurityDescriptor Method
class function CreateMinimumCOMSecurityDescriptor(const MergeSD: TJwSecurityDescriptor = nil): TJwSecurityDescriptor; virtual;
const MergeSD: TJwSecurityDescriptor = nil 
This parameter defines an additional security descriptor that is used to merge with the default security applied by this method. Only the DACL is merged; other components (User, Group, SACL) are ignored.
Can be nil. 

Returns a TJwSecurityDescriptor class that contains a merged version of both security descriptors. The caller is responsible for freeing this instance.

Creates a security descriptor using minimum access rights to allow SYSTEM and authenticated users to get full control to the class.

The following security descriptor settings are applied.

  • User : Local Administrators (Group)
  • Group : Local Administrators (Group)
  • DACL (The generic and standard rights are not set.):
    • Allow $FFFF (All specific access rights) to Administrators,
    • Allow $FFFF to SYSTEM
    • Allow $FFFF to Authenticated User

If parameter MergeSD is not nil the DACL in the new security descriptor is a still canonical. However, the function will not recognize additional access entries with an existing SID (e.g. SYSTEM). Instead you should consider adapting the existing entries.

Copyright (c) 2010. All rights reserved.
This help was created by Doc-O-Matic sponsored by toolsfactory software inc.
What do you think about this topic? Send feedback!