SemaphoreSecurity 类

定义

表示命名的信号量的 Windows 访问控制安全性。Represents the Windows access control security for a named semaphore. 无法继承此类。This class cannot be inherited.

public ref class SemaphoreSecurity sealed : System::Security::AccessControl::NativeObjectSecurity
[System.Runtime.InteropServices.ComVisible(false)]
[System.Security.SecurityCritical]
public sealed class SemaphoreSecurity : System.Security.AccessControl.NativeObjectSecurity
type SemaphoreSecurity = class
    inherit NativeObjectSecurity
Public NotInheritable Class SemaphoreSecurity
Inherits NativeObjectSecurity
继承
属性

示例

下面的代码示例演示了 Allow 规则和 Deny 规则之间的分隔,并显示了兼容规则中的权限组合。The following code example demonstrates the separation between Allow rules and Deny rules, and shows the combination of rights in compatible rules. 该示例创建一个 SemaphoreSecurity 对象,添加允许和拒绝当前用户的各种权限的规则,并显示生成的规则对。The example creates a SemaphoreSecurity object, adds rules that allow and deny various rights for the current user, and displays the resulting pair of rules. 然后,该示例允许当前用户具有新权限,并显示结果,并显示新权限与现有 Allow 规则合并。The example then allows new rights for the current user and displays the result, showing that the new rights are merged with the existing Allow rule.

备注

此示例不会将安全对象附加到 Semaphore 的对象。This example does not attach the security object to a Semaphore object. 可以在 Semaphore.GetAccessControlSemaphore.SetAccessControl中找到附加安全对象的示例。Examples that attach security objects can be found in Semaphore.GetAccessControl and Semaphore.SetAccessControl.

using System;
using System.Threading;
using System.Security.AccessControl;
using System.Security.Principal;

public class Example
{
    public static void Main()
    {
        // Create a string representing the current user.
        string user = Environment.UserDomainName + "\\" + 
            Environment.UserName;

        // Create a security object that grants no access.
        SemaphoreSecurity mSec = new SemaphoreSecurity();

        // Add a rule that grants the current user the 
        // right to enter or release the semaphore.
        SemaphoreAccessRule rule = new SemaphoreAccessRule(user, 
            SemaphoreRights.Synchronize | SemaphoreRights.Modify, 
            AccessControlType.Allow);
        mSec.AddAccessRule(rule);

        // Add a rule that denies the current user the 
        // right to change permissions on the semaphore.
        rule = new SemaphoreAccessRule(user, 
            SemaphoreRights.ChangePermissions, 
            AccessControlType.Deny);
        mSec.AddAccessRule(rule);

        // Display the rules in the security object.
        ShowSecurity(mSec);

        // Add a rule that allows the current user the 
        // right to read permissions on the semaphore. This rule
        // is merged with the existing Allow rule.
        rule = new SemaphoreAccessRule(user, 
            SemaphoreRights.ReadPermissions, 
            AccessControlType.Allow);
        mSec.AddAccessRule(rule);

        ShowSecurity(mSec);
    }

    private static void ShowSecurity(SemaphoreSecurity security)
    {
        Console.WriteLine("\r\nCurrent access rules:\r\n");

        foreach(SemaphoreAccessRule ar in 
            security.GetAccessRules(true, true, typeof(NTAccount)))
        {
            Console.WriteLine("        User: {0}", ar.IdentityReference);
            Console.WriteLine("        Type: {0}", ar.AccessControlType);
            Console.WriteLine("      Rights: {0}", ar.SemaphoreRights);
            Console.WriteLine();
        }
    }
}

/*This code example produces output similar to following:

Current access rules:

        User: TestDomain\TestUser
        Type: Deny
      Rights: ChangePermissions

        User: TestDomain\TestUser
        Type: Allow
      Rights: Modify, Synchronize


Current access rules:

        User: TestDomain\TestUser
        Type: Deny
      Rights: ChangePermissions

        User: TestDomain\TestUser
        Type: Allow
      Rights: Modify, ReadPermissions, Synchronize
 */
Imports System.Threading
Imports System.Security.AccessControl
Imports System.Security.Principal

Public Class Example

    Public Shared Sub Main()

        ' Create a string representing the current user.
        Dim user As String = Environment.UserDomainName _ 
            & "\" & Environment.UserName

        ' Create a security object that grants no access.
        Dim mSec As New SemaphoreSecurity()

        ' Add a rule that grants the current user the 
        ' right to enter or release the semaphore.
        Dim rule As New SemaphoreAccessRule(user, _
            SemaphoreRights.Synchronize _
            Or SemaphoreRights.Modify, _
            AccessControlType.Allow)
        mSec.AddAccessRule(rule)

        ' Add a rule that denies the current user the 
        ' right to change permissions on the semaphore.
        rule = New SemaphoreAccessRule(user, _
            SemaphoreRights.ChangePermissions, _
            AccessControlType.Deny)
        mSec.AddAccessRule(rule)

        ' Display the rules in the security object.
        ShowSecurity(mSec)

        ' Add a rule that allows the current user the 
        ' right to read permissions on the semaphore. This 
        ' rule is merged with the existing Allow rule.
        rule = New SemaphoreAccessRule(user, _
            SemaphoreRights.ReadPermissions, _
            AccessControlType.Allow)
        mSec.AddAccessRule(rule)

        ShowSecurity(mSec)

    End Sub 

    Private Shared Sub ShowSecurity(ByVal security As SemaphoreSecurity)
        Console.WriteLine(vbCrLf & "Current access rules:" & vbCrLf)

        For Each ar As SemaphoreAccessRule In _
            security.GetAccessRules(True, True, GetType(NTAccount))

            Console.WriteLine("        User: {0}", ar.IdentityReference)
            Console.WriteLine("        Type: {0}", ar.AccessControlType)
            Console.WriteLine("      Rights: {0}", ar.SemaphoreRights)
            Console.WriteLine()
        Next

    End Sub
End Class 

'This code example produces output similar to following:
'
'Current access rules:
'
'        User: TestDomain\TestUser
'        Type: Deny
'      Rights: ChangePermissions
'
'        User: TestDomain\TestUser
'        Type: Allow
'      Rights: Modify, Synchronize
'
'
'Current access rules:
'
'        User: TestDomain\TestUser
'        Type: Deny
'      Rights: ChangePermissions
'
'        User: TestDomain\TestUser
'        Type: Allow
'      Rights: Modify, ReadPermissions, Synchronize

注解

SemaphoreSecurity 对象指定已命名的系统信号量的访问权限,还指定如何审核访问尝试。A SemaphoreSecurity object specifies access rights for a named system semaphore, and also specifies how access attempts are audited. 对信号量的访问权限表示为规则,每个访问规则由一个 SemaphoreAccessRule 对象表示。Access rights to the semaphore are expressed as rules, with each access rule represented by a SemaphoreAccessRule object. 每个审核规则都由一个 SemaphoreAuditRule 对象表示。Each auditing rule is represented by a SemaphoreAuditRule object.

这会镜像底层 Windows 安全系统,其中每个安全对象最多具有一个控制对受保护对象的访问的随机访问控制列表(DACL),最多有一个指定访问权限的系统访问控制列表(SACL)审核尝试。This mirrors the underlying Windows security system, in which each securable object has at most one discretionary access control list (DACL) that controls access to the secured object, and at most one system access control list (SACL) that specifies which access attempts are audited. DACL 和 SACL 是访问控制项(ACE)的有序列表,它们指定了用户和组的访问权限和审核。The DACL and SACL are ordered lists of access control entries (ACE) that specify access and auditing for users and groups. SemaphoreAccessRuleSemaphoreAuditRule 对象可能表示多个 ACE。A SemaphoreAccessRule or SemaphoreAuditRule object might represent more than one ACE.

备注

Semaphore 对象可以表示本地信号量或已命名的系统信号量。A Semaphore object can represent a local semaphore or a named system semaphore. Windows 访问控制安全性仅适用于已命名的系统信号量。Windows access control security is meaningful only for named system semaphores.

SemaphoreSecuritySemaphoreAccessRuleSemaphoreAuditRule 类隐藏了 Acl 和 Ace 的实现细节。The SemaphoreSecurity, SemaphoreAccessRule, and SemaphoreAuditRule classes hide the implementation details of ACLs and ACEs. 它们允许你忽略17个不同的 ACE 类型以及正确保留访问权限的继承和传播的复杂性。They allow you to ignore the seventeen different ACE types and the complexity of correctly maintaining inheritance and propagation of access rights. 这些对象还旨在防止出现以下常见的访问控制错误:These objects are also designed to prevent the following common access control errors:

  • 使用 null DACL 创建安全说明符。Creating a security descriptor with a null DACL. 对 DACL 的空引用允许任何用户向对象添加访问规则,这可能会造成拒绝服务攻击。A null reference to a DACL allows any user to add access rules to an object, potentially creating a denial-of-service attack. 新的 SemaphoreSecurity 对象始终以空的 DACL 开头,这会拒绝所有用户的所有访问。A new SemaphoreSecurity object always starts with an empty DACL, which denies all access for all users.

  • 违反了 Ace 的规范排序。Violating the canonical ordering of ACEs. 如果 DACL 中的 ACE 列表不是以规范顺序保存的,则可能会无意中向用户授予对受保护对象的访问权限。If the ACE list in the DACL is not kept in the canonical order, users might inadvertently be given access to the secured object. 例如,拒绝的访问权限必须始终出现在允许的访问权限之前。For example, denied access rights must always appear before allowed access rights. SemaphoreSecurity 对象在内部保持正确的顺序。SemaphoreSecurity objects maintain the correct order internally.

  • 操作安全描述符标志,这些标志应仅限 resource manager 控件。Manipulating security descriptor flags, which should be under resource manager control only.

  • 创建 ACE 标志的无效组合。Creating invalid combinations of ACE flags.

  • 操作继承的 Ace。Manipulating inherited ACEs. 继承和传播由资源管理器处理,以响应对访问和审核规则所做的更改。Inheritance and propagation are handled by the resource manager, in response to changes you make to access and audit rules.

  • 向 Acl 中插入无意义的 Ace。Inserting meaningless ACEs into ACLs.

.NET 安全对象不支持的唯一功能是应由大多数应用程序开发人员避免的危险活动,如下所示:The only capabilities not supported by the .NET security objects are dangerous activities that should be avoided by the majority of application developers, such as the following:

  • 通常由资源管理器执行的低级别任务。Low-level tasks that are normally performed by the resource manager.

  • 以不维护规范排序的方式添加或移除访问控制项。Adding or removing access control entries in ways that do not maintain the canonical ordering.

若要修改命名信号量的 Windows 访问控制安全性,请使用 Semaphore.GetAccessControl 方法获取 SemaphoreSecurity 对象。To modify Windows access control security for a named semaphore, use the Semaphore.GetAccessControl method to get the SemaphoreSecurity object. 通过添加和删除规则修改安全对象,然后使用 Semaphore.SetAccessControl 方法重新附加它。Modify the security object by adding and removing rules, and then use the Semaphore.SetAccessControl method to reattach it.

重要

SemaphoreSecurity 对象所做的更改不会影响已命名的信号量的访问级别,直到调用 Semaphore.SetAccessControl 方法将已更改的安全对象分配给已命名的信号量。Changes you make to a SemaphoreSecurity object do not affect the access levels of the named semaphore until you call the Semaphore.SetAccessControl method to assign the altered security object to the named semaphore.

若要将访问控制安全性从一个信号量复制到另一个信号量,请使用 Semaphore.GetAccessControl 方法获取表示第一个信号量的访问和审核规则的 SemaphoreSecurity 对象,然后使用 Semaphore.SetAccessControl 方法或接受 SemaphoreSecurity 对象的构造函数将这些规则分配给第二个信号量。To copy access control security from one semaphore to another, use the Semaphore.GetAccessControl method to get a SemaphoreSecurity object representing the access and audit rules for the first semaphore, then use the Semaphore.SetAccessControl method, or a constructor that accepts a SemaphoreSecurity object, to assign those rules to the second semaphore.

投资于安全描述符定义语言(SDDL)的用户可以使用 SetSecurityDescriptorSddlForm 方法来设置命名信号量的访问规则,并使用 GetSecurityDescriptorSddlForm 方法来获取表示 SDDL 格式的访问规则的字符串。Users with an investment in the security descriptor definition language (SDDL) can use the SetSecurityDescriptorSddlForm method to set access rules for a named semaphore, and the GetSecurityDescriptorSddlForm method to obtain a string that represents the access rules in SDDL format. 这不建议用于新的开发。This is not recommended for new development.

备注

Windows 98 或 Windows Millennium Edition 不支持同步对象的安全性。Security on synchronization objects is not supported for Windows 98 or Windows Millennium Edition.

构造函数

SemaphoreSecurity()

使用默认值初始化 SemaphoreSecurity 类的新实例。Initializes a new instance of the SemaphoreSecurity class with default values.

SemaphoreSecurity(String, AccessControlSections)

使用来自具有指定名称的系统信号量的访问控制安全性规则的指定部分来初始化 SemaphoreSecurity 类的新实例。Initializes a new instance of the SemaphoreSecurity class with the specified sections of the access control security rules from the system semaphore with the specified name.

属性

AccessRightType

获取 SemaphoreSecurity 类用于表示访问规则的枚举。Gets the enumeration that the SemaphoreSecurity class uses to represent access rights.

AccessRulesModified

获取或设置一个布尔值,该值指定是否已修改与此 ObjectSecurity 对象关联的访问规则。Gets or sets a Boolean value that specifies whether the access rules associated with this ObjectSecurity object have been modified.

(继承自 ObjectSecurity)
AccessRuleType

获取 SemaphoreSecurity 类用于表示访问规则的类型。Gets the type that the SemaphoreSecurity class uses to represent access rules.

AreAccessRulesCanonical

获取一个布尔值,该值指定与此 ObjectSecurity 对象关联的访问规则是否处于规范顺序。Gets a Boolean value that specifies whether the access rules associated with this ObjectSecurity object are in canonical order.

(继承自 ObjectSecurity)
AreAccessRulesProtected

获取一个布尔值,用于指定与 ObjectSecurity 对象关联的自定义访问控制列表 (DACL) 是否受到保护。Gets a Boolean value that specifies whether the Discretionary Access Control List (DACL) associated with this ObjectSecurity object is protected.

(继承自 ObjectSecurity)
AreAuditRulesCanonical

获取一个布尔值,该值指定与此 ObjectSecurity 对象关联的审核规则是否处于规范顺序。Gets a Boolean value that specifies whether the audit rules associated with this ObjectSecurity object are in canonical order.

(继承自 ObjectSecurity)
AreAuditRulesProtected

获取一个布尔值,该值指定与此 ObjectSecurity 对象关联的系统访问控制列表 (SACL) 是否受保护。Gets a Boolean value that specifies whether the System Access Control List (SACL) associated with this ObjectSecurity object is protected.

(继承自 ObjectSecurity)
AuditRulesModified

获取或设置一个布尔值,该值指定是否已修改与此 ObjectSecurity 对象关联的审核规则。Gets or sets a Boolean value that specifies whether the audit rules associated with this ObjectSecurity object have been modified.

(继承自 ObjectSecurity)
AuditRuleType

获取 SemaphoreSecurity 类用于表示审核规则的类型。Gets the type that the SemaphoreSecurity class uses to represent audit rules.

GroupModified

获取或设置一个布尔值,该值指定是否已修改与安全对象相关联的组。Gets or sets a Boolean value that specifies whether the group associated with the securable object has been modified.

(继承自 ObjectSecurity)
IsContainer

获取一个指定此 ObjectSecurity 对象是否是容器对象的布尔值。Gets a Boolean value that specifies whether this ObjectSecurity object is a container object.

(继承自 ObjectSecurity)
IsDS

获取一个布尔值,该值指定此 ObjectSecurity 对象是否是目录对象。Gets a Boolean value that specifies whether this ObjectSecurity object is a directory object.

(继承自 ObjectSecurity)
OwnerModified

获取或设置一个布尔值,该值指定是否已修改安全对象的所有者。Gets or sets a Boolean value that specifies whether the owner of the securable object has been modified.

(继承自 ObjectSecurity)
SecurityDescriptor

获取此实例的安全说明符。Gets the security descriptor for this instance.

(继承自 ObjectSecurity)

方法

AccessRuleFactory(IdentityReference, Int32, Boolean, InheritanceFlags, PropagationFlags, AccessControlType)

使用指定的访问权限、访问控制和标志为指定用户创建新的访问控制规则。Creates a new access control rule for the specified user, with the specified access rights, access control, and flags.

AddAccessRule(AccessRule)

将指定的访问规则添加到与此 CommonObjectSecurity 对象关联的自由访问控制列表 (DACL)。Adds the specified access rule to the Discretionary Access Control List (DACL) associated with this CommonObjectSecurity object.

(继承自 CommonObjectSecurity)
AddAccessRule(SemaphoreAccessRule)

搜索可以将新规则与之合并的匹配规则。Searches for a matching rule with which the new rule can be merged. 如果未找到符合条件的规则,则添加新规则。If none are found, adds the new rule.

AddAuditRule(AuditRule)

将指定的审核规则添加到与该 CommonObjectSecurity 对象关联的系统访问控制列表 (SACL)。Adds the specified audit rule to the System Access Control List (SACL) associated with this CommonObjectSecurity object.

(继承自 CommonObjectSecurity)
AddAuditRule(SemaphoreAuditRule)

搜索可以将新规则与之合并的审核规则。Searches for an audit rule with which the new rule can be merged. 如果未找到符合条件的规则,则添加新规则。If none are found, adds the new rule.

AuditRuleFactory(IdentityReference, Int32, Boolean, InheritanceFlags, PropagationFlags, AuditFlags)

新建审核规则,指定规则应用到的用户、要审核的访问权限以及触发审核规则的结果。Creates a new audit rule, specifying the user the rule applies to, the access rights to audit, and the outcome that triggers the audit rule.

Equals(Object)

确定指定的对象是否等于当前对象。Determines whether the specified object is equal to the current object.

(继承自 Object)
GetAccessRules(Boolean, Boolean, Type)

获取与指定的安全性标识符关联的访问规则的集合。Gets a collection of the access rules associated with the specified security identifier.

(继承自 CommonObjectSecurity)
GetAuditRules(Boolean, Boolean, Type)

获取与指定的安全性标识符关联的审核规则的集合。Gets a collection of the audit rules associated with the specified security identifier.

(继承自 CommonObjectSecurity)
GetGroup(Type)

获取与指定所有者关联的主要组。Gets the primary group associated with the specified owner.

(继承自 ObjectSecurity)
GetHashCode()

用作默认哈希函数。Serves as the default hash function.

(继承自 Object)
GetOwner(Type)

获取与指定主要组关联的所有者。Gets the owner associated with the specified primary group.

(继承自 ObjectSecurity)
GetSecurityDescriptorBinaryForm()

返回表示此 ObjectSecurity 对象的安全描述符信息的字节值数组。Returns an array of byte values that represents the security descriptor information for this ObjectSecurity object.

(继承自 ObjectSecurity)
GetSecurityDescriptorSddlForm(AccessControlSections)

返回与此 ObjectSecurity 对象关联的安全描述符的指定部分的安全描述符定义语言 (SDDL) 表示形式。Returns the Security Descriptor Definition Language (SDDL) representation of the specified sections of the security descriptor associated with this ObjectSecurity object.

(继承自 ObjectSecurity)
GetType()

获取当前实例的 TypeGets the Type of the current instance.

(继承自 Object)
MemberwiseClone()

创建当前 Object 的浅表副本。Creates a shallow copy of the current Object.

(继承自 Object)
ModifyAccess(AccessControlModification, AccessRule, Boolean)

将指定的修改应用到与此 CommonObjectSecurity 对象关联的自由访问控制列表 (DACL) 中。Applies the specified modification to the Discretionary Access Control List (DACL) associated with this CommonObjectSecurity object.

(继承自 CommonObjectSecurity)
ModifyAccessRule(AccessControlModification, AccessRule, Boolean)

将指定的修改应用到与此 ObjectSecurity 对象关联的自由访问控制列表 (DACL) 中。Applies the specified modification to the Discretionary Access Control List (DACL) associated with this ObjectSecurity object.

(继承自 ObjectSecurity)
ModifyAudit(AccessControlModification, AuditRule, Boolean)

将指定的修改应用到与此 CommonObjectSecurity 对象关联的系统访问控制列表 (SACL) 中。Applies the specified modification to the System Access Control List (SACL) associated with this CommonObjectSecurity object.

(继承自 CommonObjectSecurity)
ModifyAuditRule(AccessControlModification, AuditRule, Boolean)

将指定的修改应用到与此 ObjectSecurity 对象关联的系统访问控制列表 (SACL) 中。Applies the specified modification to the System Access Control List (SACL) associated with this ObjectSecurity object.

(继承自 ObjectSecurity)
Persist(Boolean, String, AccessControlSections)

将与此 ObjectSecurity 对象关联的安全描述符的指定部分保存到永久存储中。Saves the specified sections of the security descriptor associated with this ObjectSecurity object to permanent storage. 我们建议传递给构造函数和 persist 方法的 includeSections 参数的值应完全相同。We recommend that the values of the includeSections parameters passed to the constructor and persist methods be identical.

(继承自 ObjectSecurity)
Persist(SafeHandle, AccessControlSections)

将与此 NativeObjectSecurity 对象关联的安全描述符的指定部分保存到永久存储中。Saves the specified sections of the security descriptor associated with this NativeObjectSecurity object to permanent storage. 我们建议保持传递给构造函数和 persist 方法的 includeSections 参数的值完全相同。We recommend.persist that the values of the includeSections parameters passed to the constructor and persist methods be identical.

(继承自 NativeObjectSecurity)
Persist(SafeHandle, AccessControlSections, Object)

将与此 NativeObjectSecurity 对象关联的安全描述符的指定部分保存到永久存储中。Saves the specified sections of the security descriptor associated with this NativeObjectSecurity object to permanent storage. 我们建议传递给构造函数和 persist 方法的 includeSections 参数的值应完全相同。We recommend that the values of the includeSections parameters passed to the constructor and persist methods be identical.

(继承自 NativeObjectSecurity)
Persist(String, AccessControlSections)

将与此 NativeObjectSecurity 对象关联的安全描述符的指定部分保存到永久存储中。Saves the specified sections of the security descriptor associated with this NativeObjectSecurity object to permanent storage. 我们建议传递给构造函数和 persist 方法的 includeSections 参数的值应完全相同。We recommend that the values of the includeSections parameters passed to the constructor and persist methods be identical.

(继承自 NativeObjectSecurity)
Persist(String, AccessControlSections, Object)

将与此 NativeObjectSecurity 对象关联的安全描述符的指定部分保存到永久存储中。Saves the specified sections of the security descriptor associated with this NativeObjectSecurity object to permanent storage. 我们建议传递给构造函数和 persist 方法的 includeSections 参数的值应完全相同。We recommend that the values of the includeSections parameters passed to the constructor and persist methods be identical.

(继承自 NativeObjectSecurity)
PurgeAccessRules(IdentityReference)

删除与指定 IdentityReference 关联的所有访问规则。Removes all access rules associated with the specified IdentityReference.

(继承自 ObjectSecurity)
PurgeAuditRules(IdentityReference)

删除与指定 IdentityReference 关联的所有审核规则。Removes all audit rules associated with the specified IdentityReference.

(继承自 ObjectSecurity)
ReadLock()

为读取访问锁定此 ObjectSecurity 对象。Locks this ObjectSecurity object for read access.

(继承自 ObjectSecurity)
ReadUnlock()

解锁此 ObjectSecurity 对象以进行读取访问。Unlocks this ObjectSecurity object for read access.

(继承自 ObjectSecurity)
RemoveAccessRule(AccessRule)

从与此 CommonObjectSecurity 对象关联的自由访问控制列表 (DACL) 中移除与指定的访问规则具有相同安全性标识符和访问掩码的访问规则。Removes access rules that contain the same security identifier and access mask as the specified access rule from the Discretionary Access Control List (DACL) associated with this CommonObjectSecurity object.

(继承自 CommonObjectSecurity)
RemoveAccessRule(SemaphoreAccessRule)

搜索如下的访问控制规则:与指定的访问规则具有相同的用户和 AccessControlType(允许或拒绝),并具有兼容的继承和传播标志;如果找到,则从中移除指定访问规则中包含的权限。Searches for an access control rule with the same user and AccessControlType (allow or deny) as the specified rule, and with compatible inheritance and propagation flags; if such a rule is found, the rights contained in the specified access rule are removed from it.

RemoveAccessRuleAll(AccessRule)

从与此 CommonObjectSecurity 对象关联的自由访问控制列表 (DACL) 中移除与指定的访问规则具有相同安全性标识符的所有访问规则。Removes all access rules that have the same security identifier as the specified access rule from the Discretionary Access Control List (DACL) associated with this CommonObjectSecurity object.

(继承自 CommonObjectSecurity)
RemoveAccessRuleAll(SemaphoreAccessRule)

搜索与指定的规则具有相同用户和 AccessControlType(允许或拒绝)的所有访问控制规则,如果找到则将其移除。Searches for all access control rules with the same user and AccessControlType (allow or deny) as the specified rule and, if found, removes them.

RemoveAccessRuleSpecific(AccessRule)

从与此 CommonObjectSecurity 对象关联的自由访问控制列表 (DACL) 中移除与指定的访问规则完全匹配的所有访问规则。Removes all access rules that exactly match the specified access rule from the Discretionary Access Control List (DACL) associated with this CommonObjectSecurity object.

(继承自 CommonObjectSecurity)
RemoveAccessRuleSpecific(SemaphoreAccessRule)

搜索与指定的规则完全匹配的访问控制规则,如果找到则将其移除。Searches for an access control rule that exactly matches the specified rule and, if found, removes it.

RemoveAuditRule(AuditRule)

从与此 CommonObjectSecurity 对象关联的系统访问控制列表 (SACL) 中移除与指定的审核规则具有相同安全性标识符和访问掩码的审核规则。Removes audit rules that contain the same security identifier and access mask as the specified audit rule from the System Access Control List (SACL) associated with this CommonObjectSecurity object.

(继承自 CommonObjectSecurity)
RemoveAuditRule(SemaphoreAuditRule)

搜索以下的审核控制规则:与指定的规则具有相同的用户,并具有兼容的继承和传播标志;如果找到兼容规则,则从中移除指定的规则中包含的权限。Searches for an audit control rule with the same user as the specified rule, and with compatible inheritance and propagation flags; if a compatible rule is found, the rights contained in the specified rule are removed from it.

RemoveAuditRuleAll(AuditRule)

从与此 CommonObjectSecurity 对象关联的系统访问控制列表 (SACL) 中移除与指定的审核规则具有相同安全性标识符的所有审核规则。Removes all audit rules that have the same security identifier as the specified audit rule from the System Access Control List (SACL) associated with this CommonObjectSecurity object.

(继承自 CommonObjectSecurity)
RemoveAuditRuleAll(SemaphoreAuditRule)

搜索所有使用相同用户作为指定规则的审核规则,如果找到符合条件的规则,则移除它们。Searches for all audit rules with the same user as the specified rule and, if found, removes them.

RemoveAuditRuleSpecific(AuditRule)

从与此 CommonObjectSecurity 对象关联的系统访问控制列表 (SACL) 中移除与指定的审核规则完全匹配的所有审核规则。Removes all audit rules that exactly match the specified audit rule from the System Access Control List (SACL) associated with this CommonObjectSecurity object.

(继承自 CommonObjectSecurity)
RemoveAuditRuleSpecific(SemaphoreAuditRule)

搜索与指定的规则完全匹配的审核规则;如果找到,则移除这些规则。Searches for an audit rule that exactly matches the specified rule and, if found, removes it.

ResetAccessRule(AccessRule)

从与此 CommonObjectSecurity 对象关联的自由访问控制列表 (DACL) 中移除所有访问规则,然后添加指定的访问规则。Removes all access rules in the Discretionary Access Control List (DACL) associated with this CommonObjectSecurity object and then adds the specified access rule.

(继承自 CommonObjectSecurity)
ResetAccessRule(SemaphoreAccessRule)

不论 AccessControlType 如何,移除与指定的规则具有相同用户的所有访问控制规则,然后添加指定的规则。Removes all access control rules with the same user as the specified rule, regardless of AccessControlType, and then adds the specified rule.

SetAccessRule(AccessRule)

从与此 CommonObjectSecurity 对象关联的自由访问控制列表 (DACL) 中移除与指定的访问规则具有相同安全性标识符和限定符的所有访问规则,然后添加指定的访问规则。Removes all access rules that contain the same security identifier and qualifier as the specified access rule in the Discretionary Access Control List (DACL) associated with this CommonObjectSecurity object and then adds the specified access rule.

(继承自 CommonObjectSecurity)
SetAccessRule(SemaphoreAccessRule)

移除与指定的规则具有相同用户和 AccessControlType(允许或拒绝)的所有控制规则,然后添加指定的规则。Removes all access control rules with the same user and AccessControlType (allow or deny) as the specified rule, and then adds the specified rule.

SetAccessRuleProtection(Boolean, Boolean)

设置或删除与此 ObjectSecurity 对象相关联的访问规则保护。Sets or removes protection of the access rules associated with this ObjectSecurity object. 父级对象不能通过继承来修改受保护的访问规则。Protected access rules cannot be modified by parent objects through inheritance.

(继承自 ObjectSecurity)
SetAuditRule(AuditRule)

从与此 CommonObjectSecurity 对象关联的系统访问控制列表 (SACL) 中移除与指定的审核规则具有相同的安全性标识符和限定符所有审核规则,然后添加指定的审核规则。Removes all audit rules that contain the same security identifier and qualifier as the specified audit rule in the System Access Control List (SACL) associated with this CommonObjectSecurity object and then adds the specified audit rule.

(继承自 CommonObjectSecurity)
SetAuditRule(SemaphoreAuditRule)

不论 AuditFlags 的值如何,移除与指定的规则具有相同用户的所有审核规则,然后添加指定的规则。Removes all audit rules with the same user as the specified rule, regardless of the AuditFlags value, and then adds the specified rule.

SetAuditRuleProtection(Boolean, Boolean)

设置或删除与此 ObjectSecurity 对象相关联的审核规则保护。Sets or removes protection of the audit rules associated with this ObjectSecurity object. 不能由通过继承的父级对象修改受保护的审核规则。Protected audit rules cannot be modified by parent objects through inheritance.

(继承自 ObjectSecurity)
SetGroup(IdentityReference)

设置与此 ObjectSecurity 对象关联的安全描述符的主要组。Sets the primary group for the security descriptor associated with this ObjectSecurity object.

(继承自 ObjectSecurity)
SetOwner(IdentityReference)

设置与此 ObjectSecurity 对象关联的安全描述符的所有者。Sets the owner for the security descriptor associated with this ObjectSecurity object.

(继承自 ObjectSecurity)
SetSecurityDescriptorBinaryForm(Byte[])

根据指定的字节值数组设置此 ObjectSecurity 对象的安全描述符。Sets the security descriptor for this ObjectSecurity object from the specified array of byte values.

(继承自 ObjectSecurity)
SetSecurityDescriptorBinaryForm(Byte[], AccessControlSections)

根据指定的字节值数组设置此 ObjectSecurity 对象的安全描述符的指定部分。Sets the specified sections of the security descriptor for this ObjectSecurity object from the specified array of byte values.

(继承自 ObjectSecurity)
SetSecurityDescriptorSddlForm(String)

根据指定的安全描述符定义语言 (SDDL) 字符串设置此 ObjectSecurity 对象的安全描述符。Sets the security descriptor for this ObjectSecurity object from the specified Security Descriptor Definition Language (SDDL) string.

(继承自 ObjectSecurity)
SetSecurityDescriptorSddlForm(String, AccessControlSections)

根据指定的安全描述符定义语言 (SDDL) 字符串设置此 ObjectSecurity 对象的安全描述符的指定部分。Sets the specified sections of the security descriptor for this ObjectSecurity object from the specified Security Descriptor Definition Language (SDDL) string.

(继承自 ObjectSecurity)
ToString()

返回一个表示当前对象的 string。Returns a string that represents the current object.

(继承自 Object)
WriteLock()

锁定此 ObjectSecurity 对象以进行写访问。Locks this ObjectSecurity object for write access.

(继承自 ObjectSecurity)
WriteUnlock()

解锁此 ObjectSecurity 对象以进行写入访问。Unlocks this ObjectSecurity object for write access.

(继承自 ObjectSecurity)

适用于

另请参阅