This class is a wrapper for an ACL (access-control list) structure.
This class and its members cannot be used in applications that execute in the Windows Runtime.
Returns the number of access-control entry (ACE) objects.
Retrieves the access-control list (ACL) entries from the CAcl object.
Retrieves all of the information about an entry in a CAcl object.
Returns the length of the ACL.
Returns a PACL (pointer to an ACL).
Tests the CAcl object for entries.
Returns the status of the CAcl object.
Removes a specific ACE (access-control entry) from the CAcl object.
Removes all ACEs (access-control entries) from the CAcl that apply to the given CSid.
Marks the CAcl object as empty.
Marks the CAcl object as NULL.
The ACL structure is the header of an ACL (access-control list). An ACL includes a sequential list of zero or more ACEs (access-control entries). The individual ACEs in an ACL are numbered from 0 to n-1, where n is the number of ACEs in the ACL. When editing an ACL, an application refers to an access-control entry (ACE) within the ACL by its index.
There are two ACL types:
A discretionary ACL is controlled by the owner of an object or anyone granted WRITE_DAC access to the object. It specifies the access particular users and groups can have to an object. For example, the owner of a file can use a discretionary ACL to control which users and groups can and cannot have access to the file.
An object can also have system-level security information associated with it, in the form of a system ACL controlled by a system administrator. A system ACL can allow the system administrator to audit any attempts to gain access to an object.
For more details, see the ACL discussion in the Windows SDK.
For an introduction to the access control model in Windows, see Access Control in the Windows SDK.