Chapter 41. What Is Ownership?

One of the most important components of ACL-based security in Windows is unfortunately also one of the most subtle and overlooked: ownership. Discretionary access control is all about ownership. If I create an object, I become its owner, and ownership conveys certain inalienable rights: the right to read and to change the object's access control policy. A car, for example, has a very simple access control policy: It's either locked or it's not. When the car is locked, it denies access to everyone, regardless of who they are. When the car is unlocked, it allows access to everyone. As the owner of the car, you hold the keys that allow you to change the car's access control policy. You're always allowed to do this. ...

Get The .NET Developer's Guide to Windows Security now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.