class Puppet::Util::Windows::SecurityDescriptor
Windows Security Descriptor
Represents a security descriptor that can be applied to any Windows securable object, e.g. file, registry key, service, etc. It consists of an owner, group, flags, DACL, and SACL. The SACL is not currently supported, though it has the same layout as a DACL.
@see msdn.microsoft.com/en-us/library/windows/desktop/aa379563(v=vs.85).aspx @api private
Attributes
Public Class Methods
Construct a security descriptor
@param owner [String] The SID of the owner, e.g. 'S-1-5-18' @param group [String] The SID of the group @param dacl [AccessControlList] The ACL specifying the rights granted to each user for accessing the object that the security descriptor refers to. @param protect [Boolean] If true, then inheritable access control entries will be blocked, and not applied to the object.
# File lib/puppet/util/windows/security_descriptor.rb 25 def initialize(owner, group, dacl, protect = false) 26 @owner = owner 27 @group = group 28 @dacl = dacl 29 @protect = protect 30 end
Public Instance Methods
Set the group. Non-inherited access control entries assigned to the current group will be assigned to the new group.
@param new_group [String] The SID of the new group, e.g. 'S-1-0-0'
# File lib/puppet/util/windows/security_descriptor.rb 47 def group=(new_group) 48 if @group != new_group 49 @dacl.reassign!(@group, new_group) 50 @group = new_group 51 end 52 end
# File lib/puppet/util/windows/security_descriptor.rb 54 def inspect 55 str = sid_to_name(owner) 56 str << "\n" 57 str << sid_to_name(group) 58 str << "\n" 59 str << @dacl.inspect 60 str 61 end
Set the owner. Non-inherited access control entries assigned to the current owner will be assigned to the new owner.
@param new_owner [String] The SID of the new owner, e.g. 'S-1-5-18'
# File lib/puppet/util/windows/security_descriptor.rb 36 def owner=(new_owner) 37 if @owner != new_owner 38 @dacl.reassign!(@owner, new_owner) 39 @owner = new_owner 40 end 41 end