Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • World
  • Users
  • Groups
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor
  • Default (No Skin)
  • No Skin
Collapse
Code Project
  1. Home
  2. General Programming
  3. C / C++ / MFC
  4. DACL. Is it necessary to know ?

DACL. Is it necessary to know ?

Scheduled Pinned Locked Moved C / C++ / MFC
c++question
5 Posts 5 Posters 0 Views 1 Watching
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • L Offline
    L Offline
    Lost User
    wrote on last edited by
    #1

    Being an vc++ windows application programmer is it necessary to have knowledge about DACL.

    M 1 Reply Last reply
    0
    • L Lost User

      Being an vc++ windows application programmer is it necessary to have knowledge about DACL.

      M Offline
      M Offline
      Mike Dimmick
      wrote on last edited by
      #2

      Typically, no. The right behaviour is normally to simply pass NULL for an lpSecurityAttributes parameter, in which case Windows will apply a default ACL to the object. If you do want to know about ACLs and security, I suggest Programming Windows Security by Keith Brown. Stability. What an interesting concept. -- Chris Maunder

      U 1 Reply Last reply
      0
      • M Mike Dimmick

        Typically, no. The right behaviour is normally to simply pass NULL for an lpSecurityAttributes parameter, in which case Windows will apply a default ACL to the object. If you do want to know about ACLs and security, I suggest Programming Windows Security by Keith Brown. Stability. What an interesting concept. -- Chris Maunder

        U Offline
        U Offline
        User 1017986
        wrote on last edited by
        #3

        Thx for you quick reply. BTW when will i have to use and learn to use DACL. Any simple situation where i cannot survive with a knowledge of DACL.

        D B 2 Replies Last reply
        0
        • U User 1017986

          Thx for you quick reply. BTW when will i have to use and learn to use DACL. Any simple situation where i cannot survive with a knowledge of DACL.

          D Offline
          D Offline
          David Crow
          wrote on last edited by
          #4

          sanomni wrote: BTW when will i have to use and learn to use DACL. Any simple situation where i cannot survive with a knowledge of DACL. It depends on what type of software you are developing. I've not needed to know anything about it since NT was introduced. However, if my coding required anything security-related, I would thus know quite a bit about it.

          "The pointy end goes in the other man." - Antonio Banderas (Zorro, 1998)

          1 Reply Last reply
          0
          • U User 1017986

            Thx for you quick reply. BTW when will i have to use and learn to use DACL. Any simple situation where i cannot survive with a knowledge of DACL.

            B Offline
            B Offline
            Blake Miller
            wrote on last edited by
            #5

            Here is a scenario where you must know DACL, because the NULL will not work. If you have two processes, one of which is running as a service under the local system account, and you want each one to be able to open a mutex, but you do not want the mutex to have 'wide open' access, then you must apply a DACL. This is all well and good, but suppose the process which is running as a service created the mutex, and the other process is running under the security context of the logged on user. The logged on user process will not be able to open the mutex if it was created under the context of the service (which usually runs as local system) - it will get access denied. So, then you have to apply the correct kinds of DACL to not only secure the object, but to allow it to be opened by the correct types of users. Typically, the NULL DACL will either assign the object the security context of the process which created it, or give the object access to 'everyone'. In some cases, like the one mentioned here, neither case is a workable solution, so a non-NULL DACL must be applied.

            1 Reply Last reply
            0
            Reply
            • Reply as topic
            Log in to reply
            • Oldest to Newest
            • Newest to Oldest
            • Most Votes

            • Login
            • Don't have an account? Register
            • Login or register to search.
            • First post
              Last post
            0
            • Categories
            • Recent
            • Tags
            • Popular
            • World
            • Users
            • Groups