Skip to Content
The .NET Developer's Guide to Windows Security
book

The .NET Developer's Guide to Windows Security

by Keith Brown
September 2004
Intermediate to advanced
408 pages
7h 25m
English
Addison-Wesley Professional
Content preview from The .NET Developer's Guide to Windows Security

Chapter 42. What Is a Security Descriptor?

Each object protected by the Windows discretionary access control system must have some state associated with it to track its security settings. This little bundle of state is often referred to as a “security descriptor.” Logically, here's what that state must contain:

  • Owner SID (Item 41)

  • Group SID

  • DACL: Discretionary Access Control List (Item 43)

  • SACL: System Access Control List (Item 43)

  • Control flags

Windows doesn't document how this little bundle of state is physically stored for each type of object, but we do know that there's no global repository. So the security settings for a file, for example, will be stored as metadata somewhere in the file system (NTFS). The registry also must have some metadata ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

.NET Framework Security

.NET Framework Security

Brian A. LaMacchia, Sebastian Lange, Matthew Lyons, Rudi Martin, Kevin T. Price
Programming .NET Security

Programming .NET Security

Adam Freeman, Allen Jones
The .NET Developer’s Guide to Directory Services Programming
Security Strategies in Windows Platforms and Applications, 3rd Edition

Publisher Resources

ISBN: 0321228359Purchase book