Export (0) Print
Expand All
This topic has not yet been rated - Rate this topic

CDacl Class

This class is a wrapper for a DACL (discretionary access-control list) structure.

Important note Important

This class and its members cannot be used in applications that execute in the Windows Runtime.

class CDacl : public CAcl

Name

Description

CDacl::CDacl

The constructor.

CDacl::~CDacl

The destructor.

Name

Description

CDacl::AddAllowedAce

Adds an allowed ACE (access-control entry) to the CDacl object.

CDacl::AddDeniedAce

Adds a denied ACE to the CDacl object.

CDacl::GetAceCount

Returns the number of ACEs (access-control entries) in the CDacl object.

CDacl::RemoveAce

Removes a specific ACE (access-control entry) from the CDacl object.

CDacl::RemoveAllAces

Removes all of the ACEs contained in the CDacl object.

Name

Description

CDacl::operator =

Assignment operator.

An object's security descriptor can contain a DACL. A DACL contains zero or more ACEs (access-control entries) that identify the users and groups who can access the object. If a DACL is empty (that is, it contains zero ACEs), no access is explicitly granted, so access is implicitly denied. However, if an object's security descriptor does not have a DACL, the object is unprotected and everyone has complete access.

To retrieve an object's DACL, you must be the object's owner or have READ_CONTROL access to the object. To change an object's DACL, you must have WRITE_DAC access to the object.

Use the class methods provided to create, add, remove, and delete ACEs from the CDacl object. See also AtlGetDacl and AtlSetDacl.

For an introduction to the access control model in Windows, see Access Control in the Windows SDK.

Header: atlsecurity.h

Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft. All rights reserved.