System.Security.AccessControl 命名空間

System.Security.AccessControl 命名空間 (Namespace) 提供可控制存取和稽核安全物件之安全性相關動作的程式設計項目。 The System.Security.AccessControl namespace provides programming elements that control access to and audit security-related actions on securable objects.

類別

AccessRule

表示使用者的識別 (Identity)、存取遮罩和存取控制 (Access Control) 型別 (允許或拒絕) 的組合。Represents a combination of a user's identity, an access mask, and an access control type (allow or deny). AccessRule 物件還包含子物件如何繼承規則,以及如何傳用該繼承的相關資訊。An AccessRule object also contains information about the how the rule is inherited by child objects and how that inheritance is propagated.

AccessRule<T>

表示使用者的識別 (Identity)、存取遮罩和存取控制 (Access Control) 型別 (允許或拒絕) 的組合。Represents a combination of a user's identity, an access mask, and an access control type (allow or deny). AccessRule`1 物件還包含子物件如何繼承規則,以及如何傳用該繼承的相關資訊。An AccessRule`1 object also contains information about the how the rule is inherited by child objects and how that inheritance is propagated.

AceEnumerator

可在存取控制清單 (ACL) 中逐一查看存取控制項目 (ACE)。Provides the ability to iterate through the access control entries (ACEs) in an access control list (ACL).

AuditRule

表示使用者識別 (Identity) 和存取遮罩的組合。Represents a combination of a user's identity and an access mask. AuditRule 物件還包含子物件如何繼承規則、如何傳用繼承,以及稽核繼承條件的相關資訊。An AuditRule object also contains information about how the rule is inherited by child objects, how that inheritance is propagated, and for what conditions it is audited.

AuditRule<T>

表示使用者識別 (Identity) 和存取遮罩的組合。Represents a combination of a user's identity and an access mask.

AuthorizationRule

決定安全物件的存取權限。Determines access to securable objects. 衍生類別 AccessRuleAuditRule 提供存取和稽核功能的特製化。The derived classes AccessRule and AuditRule offer specializations for access and audit functionality.

AuthorizationRuleCollection

表示 AuthorizationRule 物件的集合。Represents a collection of AuthorizationRule objects.

CommonAce

表示存取控制項目 (ACE)。Represents an access control entry (ACE).

CommonAcl

代表存取控制清單 (ACL),且為 DiscretionaryAclSystemAcl 類別的基底類別。Represents an access control list (ACL) and is the base class for the DiscretionaryAcl and SystemAcl classes.

CommonObjectSecurity

無需直接管理存取控制清單 (ACL) 即可控制對物件的存取。Controls access to objects without direct manipulation of access control lists (ACLs). 這個類別是 NativeObjectSecurity 類別的抽象基底類別。This class is the abstract base class for the NativeObjectSecurity class.

CommonSecurityDescriptor

表示安全性描述元 (Security Descriptor)。Represents a security descriptor. 安全性描述元包括擁有人、主要群組、Discretionary 存取控制清單 (DACL) 和系統存取控制清單 (SACL)。A security descriptor includes an owner, a primary group, a Discretionary Access Control List (DACL), and a System Access Control List (SACL).

CompoundAce

表示複合存取控制項目 (ACE)。Represents a compound Access Control Entry (ACE).

CryptoKeyAccessRule

表示密碼編譯金鑰的存取規則。Represents an access rule for a cryptographic key. 存取規則是表示使用者識別 (Identity)、存取遮罩和存取控制 (Access Control) 型別 (允許或拒絕) 的組合。An access rule represents a combination of a user's identity, an access mask, and an access control type (allow or deny). 存取規則物件還包含子物件如何繼承規則,以及如何傳用該繼承的相關資訊。An access rule object also contains information about the how the rule is inherited by child objects and how that inheritance is propagated.

CryptoKeyAuditRule

表示密碼編譯金鑰的稽核規則。Represents an audit rule for a cryptographic key. 稽核規則是表示使用者之識別和存取遮罩的組合。An audit rule represents a combination of a user's identity and an access mask. 稽核規則還包含子物件如何繼承規則、如何傳用繼承,以及稽核繼承條件的相關資訊。An audit rule also contains information about the how the rule is inherited by child objects, how that inheritance is propagated, and for what conditions it is audited.

CryptoKeySecurity

提供無需直接管理存取控制清單 (ACL),即可控制對密碼編譯金鑰物件之存取的功能。Provides the ability to control access to a cryptographic key object without direct manipulation of an Access Control List (ACL).

CustomAce

表示未由其中一個 AceType 列舉型別 (Enumeration) 成員定義的存取控制項目 (ACE)。Represents an Access Control Entry (ACE) that is not defined by one of the members of the AceType enumeration.

DirectoryObjectSecurity

提供無需直接管理存取控制清單 (ACL),即可控制對目錄物件之存取的功能。Provides the ability to control access to directory objects without direct manipulation of Access Control Lists (ACLs).

DirectorySecurity

表示目錄的存取控制和稽核安全性。Represents the access control and audit security for a directory. 這個類別無法被繼承。This class cannot be inherited.

DiscretionaryAcl

表示 Discretionary 存取控制清單 (DACL)。Represents a Discretionary Access Control List (DACL).

EventWaitHandleAccessRule

表示允許或拒絕使用者或群組的一組存取權限。Represents a set of access rights allowed or denied for a user or group. 這個類別無法被繼承。This class cannot be inherited.

EventWaitHandleAuditRule

表示要針對使用者或群組稽核的一組存取權限。Represents a set of access rights to be audited for a user or group. 這個類別無法被繼承。This class cannot be inherited.

EventWaitHandleSecurity

表示套用至具名系統等候控制代碼 (Wait Handle) 的 Windows 存取控制安全性。Represents the Windows access control security applied to a named system wait handle. 這個類別無法被繼承。This class cannot be inherited.

FileSecurity

表示檔案的存取控制和稽核安全性。Represents the access control and audit security for a file. 這個類別無法被繼承。This class cannot be inherited.

FileSystemAccessRule

表示為檔案或目錄定義存取規則之存取控制項目 (ACE) 的抽象。Represents an abstraction of an access control entry (ACE) that defines an access rule for a file or directory. 這個類別無法被繼承。This class cannot be inherited.

FileSystemAuditRule

表示存取控制項目 (ACE) 的抽象,其定義檔案或目錄的稽核規則。Represents an abstraction of an access control entry (ACE) that defines an audit rule for a file or directory. 這個類別無法被繼承。This class cannot be inherited.

FileSystemSecurity

表示檔案或目錄的存取控制 (Access Control) 和稽核安全性。Represents the access control and audit security for a file or directory.

GenericAce

表示存取控制項目 (ACE),且為所有其他 ACE 類別的基底類別。Represents an Access Control Entry (ACE), and is the base class for all other ACE classes.

GenericAcl

代表存取控制清單 (ACL),且為 CommonAclDiscretionaryAclRawAclSystemAcl 類別的基底類別。Represents an access control list (ACL) and is the base class for the CommonAcl, DiscretionaryAcl, RawAcl, and SystemAcl classes.

GenericSecurityDescriptor

表示安全性描述元 (Security Descriptor)。Represents a security descriptor. 安全性描述元包括擁有人、主要群組、Discretionary 存取控制清單 (DACL) 和系統存取控制清單 (SACL)。A security descriptor includes an owner, a primary group, a Discretionary Access Control List (DACL), and a System Access Control List (SACL).

KnownAce

封裝 Microsoft Corporation 目前定義的所有存取控制項目 (ACE) 型別。Encapsulates all Access Control Entry (ACE) types currently defined by Microsoft Corporation. 所有的 KnownAce 物件都包含 32 位元的存取遮罩和 SecurityIdentifier 物件。All KnownAce objects contain a 32-bit access mask and a SecurityIdentifier object.

MutexAccessRule

表示允許或拒絕使用者或群組的一組存取權限。Represents a set of access rights allowed or denied for a user or group. 這個類別無法被繼承。This class cannot be inherited.

MutexAuditRule

表示要針對使用者或群組稽核的一組存取權限。Represents a set of access rights to be audited for a user or group. 這個類別無法被繼承。This class cannot be inherited.

MutexSecurity

表示具名 Mutex 的 Windows 存取控制安全性。Represents the Windows access control security for a named mutex. 這個類別無法被繼承。This class cannot be inherited.

NativeObjectSecurity

提供控制原生物件存取權的能力,而不需直接管理存取控制清單 (ACL)。Provides the ability to control access to native objects without direct manipulation of Access Control Lists (ACLs). 原生物件類型是由 ResourceType 列舉所定義。Native object types are defined by the ResourceType enumeration.

ObjectAccessRule

表示使用者的識別 (Identity)、存取遮罩和存取控制 (Access Control) 型別 (允許或拒絕) 的組合。Represents a combination of a user's identity, an access mask, and an access control type (allow or deny). ObjectAccessRule 物件還包含要套用規則的物件型別、可繼承規則的子物件型別、子物件如何繼承規則,以及如何傳用繼承的相關資訊。An ObjectAccessRule object also contains information about the type of object to which the rule applies, the type of child object that can inherit the rule, how the rule is inherited by child objects, and how that inheritance is propagated.

ObjectAce

控制目錄服務物件的存取。Controls access to Directory Services objects. 這個類別代表與目錄物件相關聯的存取控制項目 (ACE)。This class represents an Access Control Entry (ACE) associated with a directory object.

ObjectAuditRule

表示使用者識別 (Identity)、存取遮罩和稽核條件的組合。Represents a combination of a user's identity, an access mask, and audit conditions. ObjectAuditRule 物件還包含要套用規則的物件型別、可繼承規則的子物件型別、子物件如何繼承規則,以及如何傳用繼承的相關資訊。An ObjectAuditRule object also contains information about the type of object to which the rule applies, the type of child object that can inherit the rule, how the rule is inherited by child objects, and how that inheritance is propagated.

ObjectSecurity

提供控制物件存取權的能力,而不需直接管理存取控制清單 (ACL) 。Provides the ability to control access to objects without direct manipulation of Access Control Lists (ACLs). 這個類別是 CommonObjectSecurityDirectoryObjectSecurity 類別的抽象基底類別。This class is the abstract base class for the CommonObjectSecurity and DirectoryObjectSecurity classes.

ObjectSecurity<T>

提供不直接操作存取控制清單 (ACL) 即可控制對物件之存取的功能,同時也授與對存取權限進行類型轉換的能力。Provides the ability to control access to objects without direct manipulation of Access Control Lists (ACLs); also grants the ability to type-cast access rights.

PrivilegeNotHeldException

System.Security.AccessControl 命名空間中的方法嘗試啟用本身沒有的權限時,所擲回的例外狀況。The exception that is thrown when a method in the System.Security.AccessControl namespace attempts to enable a privilege that it does not have.

QualifiedAce

表示包含限定詞 (Qualifier) 的存取控制項目 (ACE)。Represents an Access Control Entry (ACE) that contains a qualifier. AceQualifier 物件表示的限定詞,指定 ACE 是允許存取、拒絕存取、引起系統稽核還是引起系統警示。The qualifier, represented by an AceQualifier object, specifies whether the ACE allows access, denies access, causes system audits, or causes system alarms. QualifiedAce 類別是 CommonAceObjectAce 類別的抽象基底類別。The QualifiedAce class is the abstract base class for the CommonAce and ObjectAce classes.

RawAcl

表示存取控制清單 (ACL)。Represents an Access Control List (ACL).

RawSecurityDescriptor

表示安全性描述元 (Security Descriptor)。Represents a security descriptor. 安全性描述元包括擁有人、主要群組、Discretionary 存取控制清單 (DACL) 和系統存取控制清單 (SACL)。A security descriptor includes an owner, a primary group, a Discretionary Access Control List (DACL), and a System Access Control List (SACL).

RegistryAccessRule

表示允許或拒絕使用者或群組的一組存取權限。Represents a set of access rights allowed or denied for a user or group. 這個類別無法被繼承。This class cannot be inherited.

RegistryAuditRule

表示要針對使用者或群組稽核的一組存取權限。Represents a set of access rights to be audited for a user or group. 這個類別無法被繼承。This class cannot be inherited.

RegistrySecurity

表示登錄機碼的 Windows 存取控制 (Access Control) 安全性。Represents the Windows access control security for a registry key. 這個類別無法被繼承。This class cannot be inherited.

SemaphoreAccessRule

表示允許或拒絕使用者或群組的一組存取權限。Represents a set of access rights allowed or denied for a user or group. 這個類別無法被繼承。This class cannot be inherited.

SemaphoreAuditRule

表示要針對使用者或群組稽核的一組存取權限。Represents a set of access rights to be audited for a user or group. 這個類別無法被繼承。This class cannot be inherited.

SemaphoreSecurity

表示具名號誌 (Semaphore) 的 Windows 存取控制安全性。Represents the Windows access control security for a named semaphore. 這個類別無法被繼承。This class cannot be inherited.

SystemAcl

表示系統存取控制清單 (SACL)。Represents a System Access Control List (SACL).

列舉

AccessControlActions

指定允許對安全物件進行的動作。Specifies the actions that are permitted for securable objects.

AccessControlModification

指定要執行的存取控制 (Access Control) 修改型別。 這個列舉型別 (Enumeration) 由 ObjectSecurity 類別及其子類別的方法所使用。This enumeration is used by methods of the ObjectSecurity class and its descendents.

AccessControlSections

指定要儲存或載入的安全性描述元 (Security Descriptor) 區段。Specifies which sections of a security descriptor to save or load.

AccessControlType

指定 AccessRule 物件是用於允許存取還是拒絕存取。 這些值不是旗標,它們也不可組合。These values are not flags, and they cannot be combined.

AceFlags

指定存取控制項目 (ACE) 的繼承 (Inheritance) 和稽核行為。Specifies the inheritance and auditing behavior of an access control entry (ACE).

AceQualifier

指定存取控制項目 (ACE) 的功能。Specifies the function of an access control entry (ACE).

AceType

定義可用的存取控制項目 (ACE) 型別。Defines the available access control entry (ACE) types.

AuditFlags

指定稽核嘗試存取安全物件的條件。Specifies the conditions for auditing attempts to access a securable object.

CompoundAceType

指定 CompoundAce 物件的型別。Specifies the type of a CompoundAce object.

ControlFlags

這些旗標會影響安全性描述元 (Security Descriptor) 行為。These flags affect the security descriptor behavior.

CryptoKeyRights

指定授權規則控制存取或稽核的密碼編譯金鑰作業。Specifies the cryptographic key operation for which an authorization rule controls access or auditing.

EventWaitHandleRights

指定可套用至具名系統事件物件的存取控制 (Access Control) 權限。Specifies the access control rights that can be applied to named system event objects.

FileSystemRights

定義建立存取規則和稽核規則時要使用的存取權限。Defines the access rights to use when creating access and audit rules.

InheritanceFlags

繼承 (Inheritance) 旗標會指定存取控制項目 (ACE) 的繼承語意。Inheritance flags specify the semantics of inheritance for access control entries (ACEs).

MutexRights

指定可套用至具名系統 Mutex 物件的存取控制權限。Specifies the access control rights that can be applied to named system mutex objects.

ObjectAceFlags

指定存取控制項目 (ACE) 的物件型別是否存在。Specifies the presence of object types for Access Control Entries (ACEs).

PropagationFlags

指定如何將存取控制項目 (ACE) 傳用至子物件。Specifies how Access Control Entries (ACEs) are propagated to child objects. 只有存在繼承 (Inheritance) 旗標時,這些旗標才有意義。These flags are significant only if inheritance flags are present.

RegistryRights

指定可套用至登錄物件的存取控制 (Access Control) 權限。Specifies the access control rights that can be applied to registry objects.

ResourceType

指定定義的原生 (Native) 物件型別。Specifies the defined native object types.

SecurityInfos

指定要查詢或設定的安全性描述元 (Security Descriptor) 區段。Specifies the section of a security descriptor to be queried or set.

SemaphoreRights

指定可套用至具名系統號誌 (Semaphore) 物件的存取控制 (Access Control) 權限。Specifies the access control rights that can be applied to named system semaphore objects.

委派

NativeObjectSecurity.ExceptionFromErrorCode

提供方法,便於整合子 (Integrator) 將數字錯誤碼對應至其建立的特定例外狀況。Provides a way for integrators to map numeric error codes to specific exceptions that they create.