CommonObjectSecurity.RemoveAccessRule(AccessRule) 方法

定义

从与此 CommonObjectSecurity 对象关联的自由访问控制列表 (DACL) 中移除与指定的访问规则具有相同安全性标识符和访问掩码的访问规则。Removes access rules that contain the same security identifier and access mask as the specified access rule from the Discretionary Access Control List (DACL) associated with this CommonObjectSecurity object.

protected:
 bool RemoveAccessRule(System::Security::AccessControl::AccessRule ^ rule);
protected bool RemoveAccessRule (System.Security.AccessControl.AccessRule rule);
member this.RemoveAccessRule : System.Security.AccessControl.AccessRule -> bool
Protected Function RemoveAccessRule (rule As AccessRule) As Boolean

参数

rule
AccessRule

要移除的访问规则。The access rule to remove.

返回

如果访问规则已成功移除,则为 true;否则为 falsetrue if the access rule was successfully removed; otherwise, false.

注解

通过使用可能添加访问控制规则的复杂算法来完成访问删除。Access removal is accomplished by using a complex algorithm that might add access control rules in addition to removing them.

如果与访问规则关联的继承规则太复杂false ,而使删除算法成功,则此方法将无法删除访问规则,并返回。This method fails to remove the access rule and returns false if the inheritance rules associated with the access rule are too complex for the removal algorithm to succeed.

为了避免意外允许访问主体,应用程序应检查是否存在允许每个人完全访问权限(AEFA)访问控制项(ACE),并在修改 DACL 之前将其删除。To avoid unintentionally allowing access to principals, applications should check for the existence of an allow everyone full access (AEFA) access control entry (ACE) and remove it before modifying a DACL.

适用于