CDacl Class
This class is a wrapper for a DACL (discretionary access-control list) structure.
Important
This class and its members cannot be used in applications that execute in the Windows Runtime.
class CDacl : public CAcl
Members
Public Constructors
Name |
Description |
|---|---|
The constructor. |
|
The destructor. |
Public Methods
Name |
Description |
|---|---|
Adds an allowed ACE (access-control entry) to the CDacl object. |
|
Adds a denied ACE to the CDacl object. |
|
Returns the number of ACEs (access-control entries) in the CDacl object. |
|
Removes a specific ACE (access-control entry) from the CDacl object. |
|
Removes all of the ACEs contained in the CDacl object. |
Public Operators
Name |
Description |
|---|---|
Assignment operator. |
Remarks
An object's security descriptor can contain a DACL. A DACL contains zero or more ACEs (access-control entries) that identify the users and groups who can access the object. If a DACL is empty (that is, it contains zero ACEs), no access is explicitly granted, so access is implicitly denied. However, if an object's security descriptor does not have a DACL, the object is unprotected and everyone has complete access.
To retrieve an object's DACL, you must be the object's owner or have READ_CONTROL access to the object. To change an object's DACL, you must have WRITE_DAC access to the object.
Use the class methods provided to create, add, remove, and delete ACEs from the CDacl object. See also AtlGetDacl and AtlSetDacl.
For an introduction to the access control model in Windows, see Access Control in the Windows SDK.
Inheritance Hierarchy
CDacl
Requirements
Header: atlsecurity.h