CommonSecurityDescriptor Constructors
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Initializes a new instance of the CommonSecurityDescriptor class.
Overloads
| CommonSecurityDescriptor(Boolean, Boolean, RawSecurityDescriptor) |
Initializes a new instance of the CommonSecurityDescriptor class from the specified RawSecurityDescriptor object. |
| CommonSecurityDescriptor(Boolean, Boolean, String) |
Initializes a new instance of the CommonSecurityDescriptor class from the specified Security Descriptor Definition Language (SDDL) string. |
| CommonSecurityDescriptor(Boolean, Boolean, Byte[], Int32) |
Initializes a new instance of the CommonSecurityDescriptor class from the specified array of byte values. |
| CommonSecurityDescriptor(Boolean, Boolean, ControlFlags, SecurityIdentifier, SecurityIdentifier, SystemAcl, DiscretionaryAcl) |
Initializes a new instance of the CommonSecurityDescriptor class from the specified information. |
CommonSecurityDescriptor(Boolean, Boolean, RawSecurityDescriptor)
Initializes a new instance of the CommonSecurityDescriptor class from the specified RawSecurityDescriptor object.
public:
CommonSecurityDescriptor(bool isContainer, bool isDS, System::Security::AccessControl::RawSecurityDescriptor ^ rawSecurityDescriptor);public CommonSecurityDescriptor (bool isContainer, bool isDS, System.Security.AccessControl.RawSecurityDescriptor rawSecurityDescriptor);new System.Security.AccessControl.CommonSecurityDescriptor : bool * bool * System.Security.AccessControl.RawSecurityDescriptor -> System.Security.AccessControl.CommonSecurityDescriptorPublic Sub New (isContainer As Boolean, isDS As Boolean, rawSecurityDescriptor As RawSecurityDescriptor)Parameters
- isContainer
- Boolean
true if the new security descriptor is associated with a container object.
- isDS
- Boolean
true if the new security descriptor is associated with a directory object.
- rawSecurityDescriptor
- RawSecurityDescriptor
The RawSecurityDescriptor object from which to create the new CommonSecurityDescriptor object.
Remarks
If the underlying security descriptor from which the new RawSecurityDescriptor object is created contains null for its discretionary access control list (DACL), a single access control entry (ACE) that allows everyone full access (AEFA) is added to the DACL. If an application modifies the DACL of a security descriptor to which an AEFA ACE has been added, the AEFA ACE is persisted with the DACL when that DACL is persisted.
This can result in an application unintentionally allowing access to principals. Because of this, an application should check for the existence of an AEFA ACE and remove it before modifying any security descriptor.
Applies to
CommonSecurityDescriptor(Boolean, Boolean, String)
Initializes a new instance of the CommonSecurityDescriptor class from the specified Security Descriptor Definition Language (SDDL) string.
public:
CommonSecurityDescriptor(bool isContainer, bool isDS, System::String ^ sddlForm);public CommonSecurityDescriptor (bool isContainer, bool isDS, string sddlForm);new System.Security.AccessControl.CommonSecurityDescriptor : bool * bool * string -> System.Security.AccessControl.CommonSecurityDescriptorPublic Sub New (isContainer As Boolean, isDS As Boolean, sddlForm As String)Parameters
- isContainer
- Boolean
true if the new security descriptor is associated with a container object.
- isDS
- Boolean
true if the new security descriptor is associated with a directory object.
- sddlForm
- String
The SDDL string from which to create the new CommonSecurityDescriptor object.
Remarks
If the underlying security descriptor from which the new RawSecurityDescriptor object is created contains null for its discretionary access control list (DACL), a single access control entry (ACE) that allows everyone full access (AEFA) is added to the DACL. If an application modifies the DACL of a security descriptor to which an AEFA ACE has been added, the AEFA ACE is persisted with the DACL when that DACL is persisted.
This can result in an application unintentionally allowing access to principals. Because of this, an application should check for the existence of an AEFA ACE and remove it before modifying any security descriptor.
Applies to
CommonSecurityDescriptor(Boolean, Boolean, Byte[], Int32)
Initializes a new instance of the CommonSecurityDescriptor class from the specified array of byte values.
public:
CommonSecurityDescriptor(bool isContainer, bool isDS, cli::array <System::Byte> ^ binaryForm, int offset);public CommonSecurityDescriptor (bool isContainer, bool isDS, byte[] binaryForm, int offset);new System.Security.AccessControl.CommonSecurityDescriptor : bool * bool * byte[] * int -> System.Security.AccessControl.CommonSecurityDescriptorPublic Sub New (isContainer As Boolean, isDS As Boolean, binaryForm As Byte(), offset As Integer)Parameters
- isContainer
- Boolean
true if the new security descriptor is associated with a container object.
- isDS
- Boolean
true if the new security descriptor is associated with a directory object.
- binaryForm
- Byte[]
The array of byte values from which to create the new CommonSecurityDescriptor object.
- offset
- Int32
The offset in the binaryForm array at which to begin copying.
Remarks
If the underlying security descriptor from which the new RawSecurityDescriptor object is created contains null for its discretionary access control list (DACL),a single access control entry (ACE) that allows everyone full access (AEFA) is added to the DACL. If an application modifies the DACL of a security descriptor to which an AEFA ACE has been added, the AEFA ACE is persisted with the DACL when that DACL is persisted.
This can result in an application unintentionally allowing access to principals. Because of this, an application should check for the existence of an AEFA ACE and remove it before modifying any security descriptor.
Applies to
CommonSecurityDescriptor(Boolean, Boolean, ControlFlags, SecurityIdentifier, SecurityIdentifier, SystemAcl, DiscretionaryAcl)
Initializes a new instance of the CommonSecurityDescriptor class from the specified information.
public:
CommonSecurityDescriptor(bool isContainer, bool isDS, System::Security::AccessControl::ControlFlags flags, System::Security::Principal::SecurityIdentifier ^ owner, System::Security::Principal::SecurityIdentifier ^ group, System::Security::AccessControl::SystemAcl ^ systemAcl, System::Security::AccessControl::DiscretionaryAcl ^ discretionaryAcl);public CommonSecurityDescriptor (bool isContainer, bool isDS, System.Security.AccessControl.ControlFlags flags, System.Security.Principal.SecurityIdentifier owner, System.Security.Principal.SecurityIdentifier group, System.Security.AccessControl.SystemAcl systemAcl, System.Security.AccessControl.DiscretionaryAcl discretionaryAcl);public CommonSecurityDescriptor (bool isContainer, bool isDS, System.Security.AccessControl.ControlFlags flags, System.Security.Principal.SecurityIdentifier? owner, System.Security.Principal.SecurityIdentifier? group, System.Security.AccessControl.SystemAcl? systemAcl, System.Security.AccessControl.DiscretionaryAcl? discretionaryAcl);new System.Security.AccessControl.CommonSecurityDescriptor : bool * bool * System.Security.AccessControl.ControlFlags * System.Security.Principal.SecurityIdentifier * System.Security.Principal.SecurityIdentifier * System.Security.AccessControl.SystemAcl * System.Security.AccessControl.DiscretionaryAcl -> System.Security.AccessControl.CommonSecurityDescriptorPublic Sub New (isContainer As Boolean, isDS As Boolean, flags As ControlFlags, owner As SecurityIdentifier, group As SecurityIdentifier, systemAcl As SystemAcl, discretionaryAcl As DiscretionaryAcl)Parameters
- isContainer
- Boolean
true if the new security descriptor is associated with a container object.
- isDS
- Boolean
true if the new security descriptor is associated with a directory object.
- flags
- ControlFlags
Flags that specify behavior of the new CommonSecurityDescriptor object.
- owner
- SecurityIdentifier
The owner for the new CommonSecurityDescriptor object.
- group
- SecurityIdentifier
The primary group for the new CommonSecurityDescriptor object.
- systemAcl
- SystemAcl
The System Access Control List (SACL) for the new CommonSecurityDescriptor object.
- discretionaryAcl
- DiscretionaryAcl
The Discretionary Access Control List (DACL) for the new CommonSecurityDescriptor object.
Remarks
If the underlying security descriptor from which the new RawSecurityDescriptor object is created contains null for its discretionary access control list (DACL), a single access control entry (ACE) that allows everyone full access (AEFA) is added to the DACL. If an application modifies the DACL of a security descriptor to which an AEFA ACE has been added, the AEFA ACE is persisted with the DACL when that DACL is persisted.
This can result in an application unintentionally allowing access to principals. Because of this, an application should check for the existence of an AEFA ACE and remove it before modifying any security descriptor.
Applies to
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for