ID: Q102098
3.50 3.51 4.00 WINDOWS NT kbprg
The information in this article applies to:
- Microsoft Windows NT versions 3.5, 3.51, 4.0
To gain access to a security access control list (SACL), a process must have the SE_SECURITY_NAME privilege. When requesting access, the calling process must request ACCESS_SYSTEM_SECURITY in the desired access mask.
There is not a privilege that controls read or write access to a discretionary access control list (DACL). Instead, access to read and write an object's DACL is granted by the READ_CONTROL and WRITE_DAC access rights, respectively. These rights must be specifically granted to the user (or group containing the user) for DACL read or write access to be granted. If the owner of an object requests READ_CONTROL or WRITE_DAC, the access will always be granted.
KBCategory: kbprg KBSubcategory: BseSecurity Additional reference words: 3.50 3.51 4.00
Keywords : kbAPI kbKernBase kbGrpKernBase
Version : 3.50 3.51 4.00
Platform : NT WINDOWSLast Reviewed: January 23, 1997