TJwComProcessSecurity.CreateMinimumCOMSecurityDescriptor Method

Pascal

class function CreateMinimumCOMSecurityDescriptor(const MergeSD: TJwSecurityDescriptor = nil): TJwSecurityDescriptor; virtual;

Parameters

Parameters	Description
const MergeSD: TJwSecurityDescriptor = nil	This parameter defines an additional security descriptor that is used to merge with the default security applied by this method. Only the DACL is merged; other components (User, Group, SACL) are ignored. Can be nil.

Returns

Returns a TJwSecurityDescriptor class that contains a merged version of both security descriptors. The caller is responsible for freeing this instance.

Description

Creates a security descriptor using minimum access rights to allow SYSTEM and authenticated users to get full control to the class.

Remarks

The following security descriptor settings are applied.

User : Local Administrators (Group)
Group : Local Administrators (Group)
DACL (The generic and standard rights are not set.):
- Allow $FFFF (All specific access rights) to Administrators,
- Allow $FFFF to SYSTEM
- Allow $FFFF to Authenticated User

If parameter MergeSD is not nil the DACL in the new security descriptor is a still canonical. However, the function will not recognize additional access entries with an existing SID (e.g. SYSTEM). Instead you should consider adapting the existing entries.

Group

TJwComProcessSecurity Methods

Links

TJwComProcessSecurity Class, TJwComProcessSecurity Members, TJwComProcessSecurity Methods

Contents | Index | Home

What do you think about this topic? Send feedback!