An ACE is an access-control entry (ACE) in an access-control list (ACL).
Following are the currently defined ACE types:
|
ACE type |
Structure |
ACL Type |
|
Access allowed |
ACCESS_ALLOWED_ACE |
Discretionary |
|
Access denied |
ACCESS_DENIED_ACE |
Discretionary |
|
System alarm |
SYSTEM_ALARM_ACE |
System |
|
System audit |
SYSTEM_AUDIT_ACE |
System |
System-alarm ACEs are not supported in the current version of Windows NT.
An ACL contains a list of ACEs. An ACE defines access to an object for a specific user or group or defines the types of access that generate system-administration messages or alarms for a specific user or group. The user or group is identified by a security identifier (SID).
Each ACE starts with an ACE_HEADER structure. The format of the data following the header varies according to the ACE type specified in the header.
AddAce, ACCESS_ALLOWED_ACE, ACCESS_DENIED_ACE, ACL, SYSTEM_ALARM_ACE, SYSTEM_AUDIT_ACE