• Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint
Share this Page URL
Help

Chapter 23. Managing File Security > How Access Control Works

How Access Control Works

When you attempt to access an object or container, Windows XP takes a look at your access token. This token contains a list of SIDs, including the unique user SID and the SIDs for each group to which a user belongs. If any of the SIDs associated with your account match any of the SIDs present in the DACL on the resource you are attempting to access, Windows XP evaluates the applicable ACEs to determine whether or not you should be allowed to interact with the resource.

Windows XP will check local ACEs before inherited ACEs, and Deny ACEs (which prevent a specified type of access) are evaluated before Allow ACEs (which, as the name suggests, allow a specific type of access). So, effective permissions are determined with the following priority, with the top line being highest priority, and the bottom line being the lowest:


PREVIEW

                                                                          

Not a subscriber?

Start A Free Trial


  
  • Creative Edge
  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint