Early Preview
This is currently very much a preview. Please feel free to try things out,
but don't be upset if anything is not yet working. Feedback is welcome over on our
GitHub Dicussions page.
class System.Security.AccessControl.CommonSecurityDescriptor
Assembly: System.Security.AccessControl
Inheritance: object → GenericSecurityDescriptor → CommonSecurityDescriptor
Represents a security descriptor. A security descriptor includes an owner, a primary group, a Discretionary Access Control List (DACL), and a System Access Control List (SACL).
Properties
public
ControlFlags
ControlFlags
Gets values that specify behavior of the <see cref="T:System.Security.AccessControl.CommonSecurityDescriptor" /> object.
public
DiscretionaryAcl
DiscretionaryAcl
Gets or sets the discretionary access control list (DACL) for this <see cref="T:System.Security.AccessControl.CommonSecurityDescriptor" /> object. The DACL contains access rules.
Group
Gets or sets the primary group for this <see cref="T:System.Security.AccessControl.CommonSecurityDescriptor" /> object.
public
bool
IsContainer
Gets a Boolean value that specifies whether the object associated with this <see cref="T:System.Security.AccessControl.CommonSecurityDescriptor" /> object is a container object.
public
bool
IsDiscretionaryAclCanonical
Gets a Boolean value that specifies whether the Discretionary Access Control List (DACL) associated with this <see cref="T:System.Security.AccessControl.CommonSecurityDescriptor" /> object is in canonical order.
public
bool
IsDS
Gets a Boolean value that specifies whether the object associated with this <see cref="T:System.Security.AccessControl.CommonSecurityDescriptor" /> object is a directory object.
public
bool
IsSystemAclCanonical
Gets a Boolean value that specifies whether the System Access Control List (SACL) associated with this <see cref="T:System.Security.AccessControl.CommonSecurityDescriptor" /> object is in canonical order.
Owner
Gets or sets the owner of the object associated with this <see cref="T:System.Security.AccessControl.CommonSecurityDescriptor" /> object.
public
SystemAcl
SystemAcl
Gets or sets the System Access Control List (SACL) for this <see cref="T:System.Security.AccessControl.CommonSecurityDescriptor" /> object. The SACL contains audit rules.
public
int
BinaryLength
Gets the length, in bytes, of the binary representation of the current <see cref="T:System.Security.AccessControl.GenericSecurityDescriptor" /> object. This length should be used before marshaling the ACL into a binary array with the <see cref="M:System.Security.AccessControl.GenericSecurityDescriptor.GetBinaryForm(System.Byte[],System.Int32)" /> method.
Methods
public
void
AddDiscretionaryAcl(byte revision,
int trusted)
Sets the <see cref="P:System.Security.AccessControl.CommonSecurityDescriptor.DiscretionaryAcl" /> property for this <see cref="T:System.Security.AccessControl.CommonSecurityDescriptor" /> instance and sets the <see cref="F:System.Security.AccessControl.ControlFlags.DiscretionaryAclPresent" /> flag.
revision
The revision level of the new <see cref="T:System.Security.AccessControl.DiscretionaryAcl" /> object.
trusted
The number of Access Control Entries (ACEs) this <see cref="T:System.Security.AccessControl.DiscretionaryAcl" /> object can contain. This number is to be used only as a hint.
public
void
AddSystemAcl(byte revision,
int trusted)
Sets the <see cref="P:System.Security.AccessControl.CommonSecurityDescriptor.SystemAcl" /> property for this <see cref="T:System.Security.AccessControl.CommonSecurityDescriptor" /> instance and sets the <see cref="F:System.Security.AccessControl.ControlFlags.SystemAclPresent" /> flag.
revision
The revision level of the new <see cref="T:System.Security.AccessControl.SystemAcl" /> object.
trusted
The number of Access Control Entries (ACEs) this <see cref="T:System.Security.AccessControl.SystemAcl" /> object can contain. This number should only be used as a hint.
public
void
PurgeAccessControl(Principal.SecurityIdentifier sid)
Removes all access rules for the specified security identifier from the Discretionary Access Control List (DACL) associated with this <see cref="T:System.Security.AccessControl.CommonSecurityDescriptor" /> object.
sid
The security identifier for which to remove access rules.
public
void
PurgeAudit(Principal.SecurityIdentifier sid)
Removes all audit rules for the specified security identifier from the System Access Control List (SACL) associated with this <see cref="T:System.Security.AccessControl.CommonSecurityDescriptor" /> object.
sid
The security identifier for which to remove audit rules.
public
void
SetDiscretionaryAclProtection(bool isProtected,
bool preserveInheritance)
Sets the inheritance protection for the Discretionary Access Control List (DACL) associated with this <see cref="T:System.Security.AccessControl.CommonSecurityDescriptor" /> object. DACLs that are protected do not inherit access rules from parent containers.
isProtected
<see langword="true" /> to protect the DACL from inheritance.
preserveInheritance
<see langword="true" /> to keep inherited access rules in the DACL; <see langword="false" /> to remove inherited access rules from the DACL.
public
void
SetSystemAclProtection(bool isProtected,
bool preserveInheritance)
Sets the inheritance protection for the System Access Control List (SACL) associated with this <see cref="T:System.Security.AccessControl.CommonSecurityDescriptor" /> object. SACLs that are protected do not inherit audit rules from parent containers.
isProtected
<see langword="true" /> to protect the SACL from inheritance.
preserveInheritance
<see langword="true" /> to keep inherited audit rules in the SACL; <see langword="false" /> to remove inherited audit rules from the SACL.
public
void
GetBinaryForm(byte[] binaryForm,
int offset)
Inherited from GenericSecurityDescriptor
Returns an array of byte values that represents the information contained in this <see cref="T:System.Security.AccessControl.GenericSecurityDescriptor" /> object.
binaryForm
The byte array into which the contents of the <see cref="T:System.Security.AccessControl.GenericSecurityDescriptor" /> is marshaled.
offset
The offset at which to start marshaling.
public
string
GetSddlForm(AccessControlSections includeSections)
Inherited from GenericSecurityDescriptor
Returns the Security Descriptor Definition Language (SDDL) representation of the specified sections of the security descriptor that this <see cref="T:System.Security.AccessControl.GenericSecurityDescriptor" /> object represents.
Returns The SDDL representation of the specified sections of the security descriptor associated with this <see cref="T:System.Security.AccessControl.GenericSecurityDescriptor" /> object.
includeSections
Specifies which sections (access rules, audit rules, primary group, owner) of the security descriptor to get.
public
bool
Equals(object obj)
Inherited from object
protected
void
Finalize()
Inherited from object
public
int
GetHashCode()
Inherited from object
protected
object
MemberwiseClone()
Inherited from object
public
string
ToString()
Inherited from object