25개 이상의 토픽을 선택하실 수 없습니다. Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

SecurityDescriptorControl.cs 5.8 KiB

7 년 전
12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576
  1. /* Copyright (C) 2008-2016 Peter Palotas, Jeffrey Jangli, Alexandr Normuradov
  2. *
  3. * Permission is hereby granted, free of charge, to any person obtaining a copy
  4. * of this software and associated documentation files (the "Software"), to deal
  5. * in the Software without restriction, including without limitation the rights
  6. * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
  7. * copies of the Software, and to permit persons to whom the Software is
  8. * furnished to do so, subject to the following conditions:
  9. *
  10. * The above copyright notice and this permission notice shall be included in
  11. * all copies or substantial portions of the Software.
  12. *
  13. * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
  14. * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
  15. * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
  16. * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
  17. * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
  18. * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
  19. * THE SOFTWARE.
  20. */
  21. using System;
  22. namespace Alphaleonis.Win32.Security
  23. {
  24. /// <summary>The SECURITY_DESCRIPTOR_CONTROL data type is a set of bit flags that qualify the meaning of a security descriptor or its components.
  25. /// Each security descriptor has a Control member that stores the SECURITY_DESCRIPTOR_CONTROL bits.</summary>
  26. [Flags]
  27. internal enum SecurityDescriptorControl
  28. {
  29. /// <summary></summary>
  30. None = 0,
  31. /// <summary>SE_OWNER_DEFAULTED (0x0001) - Indicates an SD with a default owner security identifier (SID). You can use this bit to find all of the objects that have default owner permissions set.</summary>
  32. OwnerDefaulted = 1,
  33. /// <summary>SE_GROUP_DEFAULTED (0x0002) - Indicates an SD with a default group SID. You can use this bit to find all of the objects that have default group permissions set.</summary>
  34. GroupDefaulted = 2,
  35. /// <summary>SE_DACL_PRESENT (0x0004) - Indicates an SD that has a discretionary access control list (DACL). If this flag is not set, or if this flag is set and the DACL is NULL, the SD allows full access to everyone.</summary>
  36. DaclPresent = 4,
  37. /// <summary>SE_DACL_DEFAULTED (0x0008) - Indicates an SD with a default DACL. For example, if an object creator does not specify a DACL, the object receives the default DACL from the access token of the creator. This flag can affect how the system treats the DACL, with respect to access control entry (ACE) inheritance. The system ignores this flag if the SE_DACL_PRESENT flag is not set.</summary>
  38. DaclDefaulted = 8,
  39. /// <summary>SE_SACL_PRESENT (0x0010) - Indicates an SD that has a system access control list (SACL).</summary>
  40. SaclPresent = 16,
  41. /// <summary>SE_SACL_DEFAULTED (0x0020) - Indicates an SD with a default SACL. For example, if an object creator does not specify an SACL, the object receives the default SACL from the access token of the creator. This flag can affect how the system treats the SACL, with respect to ACE inheritance. The system ignores this flag if the SE_SACL_PRESENT flag is not set.</summary>
  42. SaclDefaulted = 32,
  43. /// <summary>SE_DACL_AUTO_INHERIT_REQ (0x0100) - Requests that the provider for the object protected by the SD automatically propagate the DACL to existing child objects. If the provider supports automatic inheritance, it propagates the DACL to any existing child objects, and sets the SE_DACL_AUTO_INHERITED bit in the security descriptors of the object and its child objects.</summary>
  44. DaclAutoInheritReq = 256,
  45. /// <summary>SE_SACL_AUTO_INHERIT_REQ (0x0200) - Requests that the provider for the object protected by the SD automatically propagate the SACL to existing child objects. If the provider supports automatic inheritance, it propagates the SACL to any existing child objects, and sets the SE_SACL_AUTO_INHERITED bit in the SDs of the object and its child objects.</summary>
  46. SaclAutoInheritReq = 512,
  47. /// <summary>SE_DACL_AUTO_INHERITED (0x0400) - Windows 2000 only. Indicates an SD in which the DACL is set up to support automatic propagation of inheritable ACEs to existing child objects. The system sets this bit when it performs the automatic inheritance algorithm for the object and its existing child objects. This bit is not set in SDs for Windows NT versions 4.0 and earlier, which do not support automatic propagation of inheritable ACEs.</summary>
  48. DaclAutoInherited = 1024,
  49. /// <summary>SE_SACL_AUTO_INHERITED (0x0800) - Windows 2000: Indicates an SD in which the SACL is set up to support automatic propagation of inheritable ACEs to existing child objects. The system sets this bit when it performs the automatic inheritance algorithm for the object and its existing child objects. This bit is not set in SDs for Windows NT versions 4.0 and earlier, which do not support automatic propagation of inheritable ACEs.</summary>
  50. SaclAutoInherited = 2048,
  51. /// <summary>SE_DACL_PROTECTED (0x1000) - Windows 2000: Prevents the DACL of the SD from being modified by inheritable ACEs.</summary>
  52. DaclProtected = 4096,
  53. /// <summary>SE_SACL_PROTECTED (0x2000) - Windows 2000: Prevents the SACL of the SD from being modified by inheritable ACEs.</summary>
  54. SaclProtected = 8192,
  55. /// <summary>SE_RM_CONTROL_VALID (0x4000) - Indicates that the resource manager control is valid.</summary>
  56. RmControlValid = 16384,
  57. /// <summary>SE_SELF_RELATIVE (0x8000) - Indicates an SD in self-relative format with all of the security information in a contiguous block of memory. If this flag is not set, the SD is in absolute format. For more information, see Absolute and Self-Relative Security Descriptors.</summary>
  58. SelfRelative = 32768
  59. }
  60. }