Difference between revisions of "Unit Security"

Latest revision as of 04:43, 31 August 2021

`SID_REVISION = 1;`	Current revision level
`SID_MAX_SUB_AUTHORITIES = 15;`
`SID_RECOMMENDED_SUB_AUTHORITIES = 1;`	Will change to around 6 in a future release

`SECURITY_MIN_SID_SIZE = SizeOf(SID) - SizeOf(DWORD);`	Account for SubAuthority[0]
`SECURITY_MAX_SID_SIZE = SizeOf(SID) - SizeOf(DWORD) + (SID_MAX_SUB_AUTHORITIES * SizeOf(DWORD));`	Account for SubAuthority[0]

`SidTypeUser = 1;`
`SidTypeGroup = 2;`
`SidTypeDomain = 3;`
`SidTypeAlias = 4;`
`SidTypeWellKnownGroup = 5;`
`SidTypeDeletedAccount = 6;`
`SidTypeInvalid = 7;`
`SidTypeUnknown = 8;`
`SidTypeComputer = 9;`

ACL ACL_*

`ACL_REVISION = 2;`
`ACL_REVISION_DS = 4;`

`ACL_REVISION1 = 1;`
`ACL_REVISION2 = 2;`
`MIN_ACL_REVISION = ACL_REVISION2;`
`ACL_REVISION3 = 3;`
`ACL_REVISION4 = 4;`
`MAX_ACL_REVISION = ACL_REVISION4;`

`AclRevisionInformation = 1;`
`AclSizeInformation = 2;`

ACE ACE_*

The following are the predefined ace types that go into the AceType field of an Ace header
`ACCESS_MIN_MS_ACE_TYPE = $0;`
`ACCESS_ALLOWED_ACE_TYPE = $0;`
`ACCESS_DENIED_ACE_TYPE = $1;`
`SYSTEM_AUDIT_ACE_TYPE = $2;`
`SYSTEM_ALARM_ACE_TYPE = $3;`
`ACCESS_MAX_MS_V2_ACE_TYPE = $3;`

`ACCESS_ALLOWED_COMPOUND_ACE_TYPE = $4;`
`ACCESS_MAX_MS_V3_ACE_TYPE = $4;`

`ACCESS_MIN_MS_OBJECT_ACE_TYPE = $5;`
`ACCESS_ALLOWED_OBJECT_ACE_TYPE = $5;`
`ACCESS_DENIED_OBJECT_ACE_TYPE = $6;`
`SYSTEM_AUDIT_OBJECT_ACE_TYPE = $7;`
`SYSTEM_ALARM_OBJECT_ACE_TYPE = $8;`
`ACCESS_MAX_MS_OBJECT_ACE_TYPE = $8;`

`ACCESS_MAX_MS_V4_ACE_TYPE = $8;`
`ACCESS_MAX_MS_ACE_TYPE = $8;`

`ACCESS_ALLOWED_CALLBACK_ACE_TYPE = $9;`
`ACCESS_DENIED_CALLBACK_ACE_TYPE = $A;`
`ACCESS_ALLOWED_CALLBACK_OBJECT_ACE_TYPE = $B;`
`ACCESS_DENIED_CALLBACK_OBJECT_ACE_TYPE = $C;`
`SYSTEM_AUDIT_CALLBACK_ACE_TYPE = $D;`
`SYSTEM_ALARM_CALLBACK_ACE_TYPE = $E;`
`SYSTEM_AUDIT_CALLBACK_OBJECT_ACE_TYPE = $F;`
`SYSTEM_ALARM_CALLBACK_OBJECT_ACE_TYPE = $10;`

`ACCESS_MAX_MS_V5_ACE_TYPE = $10;`

The following are the inherit flags that go into the AceFlags field of an Ace header
`OBJECT_INHERIT_ACE = $1;`
`CONTAINER_INHERIT_ACE = $2;`
`NO_PROPAGATE_INHERIT_ACE = $4;`
`INHERIT_ONLY_ACE = $8;`
`INHERITED_ACE = $10;`
`VALID_INHERIT_FLAGS = $1F;`

The following are the currently defined ACE flags that go into the AceFlags field of an ACE header. Each ACE type has its own set of AceFlags.
SYSTEM_AUDIT and SYSTEM_ALARM AceFlags
`SUCCESSFUL_ACCESS_ACE_FLAG = $40;`
`FAILED_ACCESS_ACE_FLAG = $80;`

Currently defined Flags for "OBJECT" ACE types
`ACE_OBJECT_TYPE_PRESENT = $1;`
`ACE_INHERITED_OBJECT_TYPE_PRESENT = $2;`

Security descriptor SECURITY_DESCRIPTOR_*

`SECURITY_DESCRIPTOR_REVISION = 1;`	Current security descriptor revision value
`SECURITY_DESCRIPTOR_REVISION1 = 1;`

`SE_OWNER_DEFAULTED = $0001;`
`SE_GROUP_DEFAULTED = $0002;`
`SE_DACL_PRESENT = $0004;`
`SE_DACL_DEFAULTED = $0008;`
`SE_SACL_PRESENT = $0010;`
`SE_SACL_DEFAULTED = $0020;`
`SE_DACL_AUTO_INHERIT_REQ = $0100;`
`SE_SACL_AUTO_INHERIT_REQ = $0200;`
`SE_DACL_AUTO_INHERITED = $0400;`
`SE_SACL_AUTO_INHERITED = $0800;`
`SE_DACL_PROTECTED = $1000;`
`SE_SACL_PROTECTED = $2000;`
`SE_RM_CONTROL_VALID = $4000;`
`SE_SELF_RELATIVE = $8000;`

Universal well-known SIDs SECURITY_NULL_SID_*

`SECURITY_NULL_SID_IDENTIFIER = 0;`
`SECURITY_WORLD_SID_IDENTIFIER = 1;`
`SECURITY_LOCAL_SID_IDENTIFIER = 2;`
`SECURITY_CREATOR_SID_IDENTIFIER = 3;`
`SECURITY_NON_UNIQUE_IDENTIFIER = 4;`
`SECURITY_RESOURCE_MANAGER_IDENTIFIER = 9;`

`SECURITY_NULL_SID_AUTHORITY: TSIDIdentifierAuthority = (Value: (0, 0, 0, 0, 0, 0));`
`SECURITY_WORLD_SID_AUTHORITY: TSIDIdentifierAuthority = (Value: (0, 0, 0, 0, 0, 1));`
`SECURITY_LOCAL_SID_AUTHORITY: TSIDIdentifierAuthority = (Value: (0, 0, 0, 0, 0, 2));`
`SECURITY_CREATOR_SID_AUTHORITY: TSIDIdentifierAuthority = (Value: (0, 0, 0, 0, 0, 3));`
`SECURITY_NON_UNIQUE_AUTHORITY: TSIDIdentifierAuthority = (Value: (0, 0, 0, 0, 0, 4));`
`SECURITY_RESOURCE_MANAGER_AUTHORITY: TSIDIdentifierAuthority = (Value: (0, 0, 0, 0, 0, 9));`

`SECURITY_NULL_RID = $00000000;`
`SECURITY_WORLD_RID = $00000000;`
`SECURITY_LOCAL_RID = $00000000;`

`SECURITY_CREATOR_OWNER_RID = $00000000;`
`SECURITY_CREATOR_GROUP_RID = $00000001;`

`SECURITY_CREATOR_OWNER_SERVER_RID = $00000002;`
`SECURITY_CREATOR_GROUP_SERVER_RID = $00000003;`

NT well-known SIDs SECURITY_NT_IDENTIFIER*

`SECURITY_NT_IDENTIFIER = 5;`

`SECURITY_NT_AUTHORITY: TSIDIdentifierAuthority = (Value: (0, 0, 0, 0, 0, 5));`

`SECURITY_DIALUP_RID = $00000001;`
`SECURITY_NETWORK_RID = $00000002;`
`SECURITY_BATCH_RID = $00000003;`
`SECURITY_INTERACTIVE_RID = $00000004;`
`SECURITY_SERVICE_RID = $00000006;`
`SECURITY_ANONYMOUS_LOGON_RID = $00000007;`
`SECURITY_PROXY_RID = $00000008;`
`SECURITY_ENTERPRISE_CONTROLLERS_RID = $00000009;`
`SECURITY_SERVER_LOGON_RID = SECURITY_ENTERPRISE_CONTROLLERS_RID;`
`SECURITY_PRINCIPAL_SELF_RID = $0000000A;`
`SECURITY_AUTHENTICATED_USER_RID = $0000000B;`
`SECURITY_RESTRICTED_CODE_RID = $0000000C;`
`SECURITY_TERMINAL_SERVER_RID = $0000000D;`
`SECURITY_REMOTE_LOGON_RID = $0000000E;`

`SECURITY_LOGON_IDS_RID = $00000005;`
`SECURITY_LOGON_IDS_RID_COUNT = 3;`
`SECURITY_LOCAL_SYSTEM_RID = $00000012;`
`SECURITY_LOCAL_SERVICE_RID = $00000013;`
`SECURITY_NETWORK_SERVICE_RID = $00000014;`
`SECURITY_NT_NON_UNIQUE = $00000015;`
`SECURITY_NT_NON_UNIQUE_SUB_AUTH_COUNT = 3;`
`SECURITY_BUILTIN_DOMAIN_RID = $00000020;`

Well-known users _USER_RID_*

`DOMAIN_USER_RID_ADMIN = $000001F4;`
`DOMAIN_USER_RID_GUEST = $000001F5;`
`DOMAIN_USER_RID_KRBTGT = $000001F6;`

Well-known groups _GROUP_RID_*

`DOMAIN_GROUP_RID_ADMINS = $00000200;`
`DOMAIN_GROUP_RID_USERS = $00000201;`
`DOMAIN_GROUP_RID_GUESTS = $00000202;`
`DOMAIN_GROUP_RID_COMPUTERS = $00000203;`
`DOMAIN_GROUP_RID_CONTROLLERS = $00000204;`
`DOMAIN_GROUP_RID_CERT_ADMINS = $00000205;`
`DOMAIN_GROUP_RID_SCHEMA_ADMINS = $00000206;`
`DOMAIN_GROUP_RID_ENTERPRISE_ADMINS = $00000207;`
`DOMAIN_GROUP_RID_POLICY_ADMINS = $00000208;`

Well-known aliases _ALIAS_RID_*

`DOMAIN_ALIAS_RID_ADMINS = $00000220;`
`DOMAIN_ALIAS_RID_USERS = $00000221;`
`DOMAIN_ALIAS_RID_GUESTS = $00000222;`
`DOMAIN_ALIAS_RID_POWER_USERS = $00000223;`

`DOMAIN_ALIAS_RID_ACCOUNT_OPS = $00000224;`
`DOMAIN_ALIAS_RID_SYSTEM_OPS = $00000225;`
`DOMAIN_ALIAS_RID_PRINT_OPS = $00000226;`
`DOMAIN_ALIAS_RID_BACKUP_OPS = $00000227;`

`DOMAIN_ALIAS_RID_REPLICATOR = $00000228;`
`DOMAIN_ALIAS_RID_RAS_SERVERS = $00000229;`
`DOMAIN_ALIAS_RID_PREW2KCOMPACCESS = $0000022A;`
`DOMAIN_ALIAS_RID_REMOTE_DESKTOP_USERS = $0000022B;`
`DOMAIN_ALIAS_RID_NETWORK_CONFIGURATION_OPS = $0000022C;`

Group attributes _GROUP_*

`SE_GROUP_MANDATORY = $00000001;`
`SE_GROUP_ENABLED_BY_DEFAULT = $00000002;`
`SE_GROUP_ENABLED = $00000004;`
`SE_GROUP_OWNER = $00000008;`
`SE_GROUP_USE_FOR_DENY_ONLY = $00000010;`
`SE_GROUP_LOGON_ID = $C0000000;`
`SE_GROUP_RESOURCE = $20000000;`

Type definitions

SID identifier authority

SID_IDENTIFIER_AUTHORITY = _SID_IDENTIFIER_AUTHORITY;

TSidIdentifierAuthority = SID_IDENTIFIER_AUTHORITY;

PSidIdentifierAuthority = PSID_IDENTIFIER_AUTHORITY;

PSID_IDENTIFIER_AUTHORITY = ^SID_IDENTIFIER_AUTHORITY;

_SID_IDENTIFIER_AUTHORITY = record

`Value: array [0..5] of Byte;`

SID types

SID = _SID;

PPSID = ^PSID;

TSid = SID;

PSid = ^SID;

_SID = record

`Revision: Byte;`
`SubAuthorityCount: Byte;`
`IdentifierAuthority: SID_IDENTIFIER_AUTHORITY;`
`SubAuthority: array [0..ANYSIZE_ARRAY - 1] of DWORD;`

Signed types

`BOOL = LongBool;`

Unsigned types

`UCHAR = Byte;`

Pointer types

`PUCHAR = ^Byte;`

GUID types

`GUID = TGUID;`

SID name use

`_SID_NAME_USE = DWORD;`
`SID_NAME_USE = _SID_NAME_USE;`
`PSID_NAME_USE = ^SID_NAME_USE;`
`TSidNameUse = SID_NAME_USE;`
`PSidNameUse = PSID_NAME_USE;`

SID and attributes

SID_AND_ATTRIBUTES = _SID_AND_ATTRIBUTES;

TSidAndAttributes = SID_AND_ATTRIBUTES;

PSidAndAttributes = PSID_AND_ATTRIBUTES;

PSID_AND_ATTRIBUTES = ^SID_AND_ATTRIBUTES;

_SID_AND_ATTRIBUTES = record

`Sid: PSID;`
`Attributes: DWORD;`

SID and attributes array

`SID_AND_ATTRIBUTES_ARRAY = array [0..ANYSIZE_ARRAY - 1] of SID_AND_ATTRIBUTES;`
`PSID_AND_ATTRIBUTES_ARRAY = ^SID_AND_ATTRIBUTES_ARRAY;`
`PSidAndAttributesArray = ^TSidAndAttributesArray;`
`TSidAndAttributesArray = SID_AND_ATTRIBUTES_ARRAY;`

ACL

ACL = _ACL;

TAcl = ACL;

PPACL = ^PACL;

PACL = ^ACL;

_ACL = record

`AclRevision: Byte;`
`Sbz1: Byte;`
`AclSize: Word;`
`AceCount: Word;`
`Sbz2: Word;`

ACL information class

`_ACL_INFORMATION_CLASS = DWORD;`
`ACL_INFORMATION_CLASS = _ACL_INFORMATION_CLASS;`
`TAclInformationClass = ACL_INFORMATION_CLASS;`

ACL revision information

ACL_REVISION_INFORMATION = _ACL_REVISION_INFORMATION;

TAclRevisionInformation = ACL_REVISION_INFORMATION;

PAclRevisionInformation = PACL_REVISION_INFORMATION;

PACL_REVISION_INFORMATION = ^ACL_REVISION_INFORMATION;

_ACL_REVISION_INFORMATION = record

Note: This record is returned/sent if the user is requesting/setting the AclRevisionInformation
`AclRevision: DWORD;`

ACL size information

ACL_SIZE_INFORMATION = _ACL_SIZE_INFORMATION;

TAclSizeInformation = ACL_SIZE_INFORMATION;

PAclSizeInformation = PACL_SIZE_INFORMATION;

PACL_SIZE_INFORMATION = ^ACL_SIZE_INFORMATION;

_ACL_SIZE_INFORMATION = record

Note: This record is returned if the user is requesting AclSizeInformation
`AceCount: DWORD;`
`AclBytesInUse: DWORD;`
`AclBytesFree: DWORD;`

Access mask

`ACCESS_MASK = DWORD;`
`PACCESS_MASK = ^ACCESS_MASK;`
`TAccessMask = ACCESS_MASK;`
`PAccessMask = PACCESS_MASK;`

ACE header

ACE_HEADER = _ACE_HEADER;

TAceHeader = ACE_HEADER;

PAceHeader = PACE_HEADER;

PACE_HEADER = ^ACE_HEADER;

_ACE_HEADER = record

`AceType: Byte;`
`AceFlags: Byte;`
`AceSize: Word;`

Access allowed

ACCESS_ALLOWED_ACE = _ACCESS_ALLOWED_ACE;

TAccessAllowedAce = ACCESS_ALLOWED_ACE;

PAccessAllowedAce = PACCESS_ALLOWED_ACE;

PACCESS_ALLOWED_ACE = ^ACCESS_ALLOWED_ACE;

_ACCESS_ALLOWED_ACE = record

`Header: ACE_HEADER;`
`Mask: ACCESS_MASK;`
`SidStart: DWORD;`

Access denied

ACCESS_DENIED_ACE = _ACCESS_DENIED_ACE;

TAccessDeniedAce = ACCESS_DENIED_ACE;

PAccessDeniedAce = PACCESS_DENIED_ACE;

PACCESS_DENIED_ACE = ^ACCESS_DENIED_ACE;

_ACCESS_DENIED_ACE = record

`Header: ACE_HEADER;`
`Mask: ACCESS_MASK;`
`SidStart: DWORD;`

System audit

SYSTEM_AUDIT_ACE = _SYSTEM_AUDIT_ACE;

TSystemAuditAce = SYSTEM_AUDIT_ACE;

PSystemAuditAce = PSYSTEM_AUDIT_ACE;

PSYSTEM_AUDIT_ACE = ^SYSTEM_AUDIT_ACE;

_SYSTEM_AUDIT_ACE = record

`Header: ACE_HEADER;`
`Mask: ACCESS_MASK;`
`SidStart: DWORD;`

System alarm

SYSTEM_ALARM_ACE = _SYSTEM_ALARM_ACE;

TSystemAlarmAce = SYSTEM_ALARM_ACE;

PSystemAlarmAce = PSYSTEM_ALARM_ACE;

PSYSTEM_ALARM_ACE = ^SYSTEM_ALARM_ACE;

_SYSTEM_ALARM_ACE = record

`Header: ACE_HEADER;`
`Mask: ACCESS_MASK;`
`SidStart: DWORD;`

Access allowed object

ACCESS_ALLOWED_OBJECT_ACE = _ACCESS_ALLOWED_OBJECT_ACE;

TAccessAllowedObjectAce = ACCESS_ALLOWED_OBJECT_ACE;

PAccessAllowedObjectAce = PACCESS_ALLOWED_OBJECT_ACE;

PACCESS_ALLOWED_OBJECT_ACE = ^ACCESS_ALLOWED_OBJECT_ACE;

_ACCESS_ALLOWED_OBJECT_ACE = record

`Header: ACE_HEADER;`
`Mask: ACCESS_MASK;`
`Flags: DWORD;`
`ObjectType: GUID;`
`InheritedObjectType: GUID;`
`SidStart: DWORD;`

Access denied object

ACCESS_DENIED_OBJECT_ACE = _ACCESS_DENIED_OBJECT_ACE;

TAccessDeniedObjectAce = ACCESS_DENIED_OBJECT_ACE;

PAccessDeniedObjectAce = PACCESS_DENIED_OBJECT_ACE;

PACCESS_DENIED_OBJECT_ACE = ^ACCESS_DENIED_OBJECT_ACE;

_ACCESS_DENIED_OBJECT_ACE = record

`Header: ACE_HEADER;`
`Mask: ACCESS_MASK;`
`Flags: DWORD;`
`ObjectType: GUID;`
`InheritedObjectType: GUID;`
`SidStart: DWORD;`

System audit object

SYSTEM_AUDIT_OBJECT_ACE = _SYSTEM_AUDIT_OBJECT_ACE;

TSystemAuditObjectAce = SYSTEM_AUDIT_OBJECT_ACE;

PSystemAuditObjectAce = PSYSTEM_AUDIT_OBJECT_ACE;

PSYSTEM_AUDIT_OBJECT_ACE = ^SYSTEM_AUDIT_OBJECT_ACE;

_SYSTEM_AUDIT_OBJECT_ACE = record

`Header: ACE_HEADER;`
`Mask: ACCESS_MASK;`
`Flags: DWORD;`
`ObjectType: GUID;`
`InheritedObjectType: GUID;`
`SidStart: DWORD;`

System alarm object

SYSTEM_ALARM_OBJECT_ACE = _SYSTEM_ALARM_OBJECT_ACE;

TSystemAlarmObjectAce = SYSTEM_ALARM_OBJECT_ACE;

PSystemAlarmObjectAce = PSYSTEM_ALARM_OBJECT_ACE;

PSYSTEM_ALARM_OBJECT_ACE = ^SYSTEM_ALARM_OBJECT_ACE;

_SYSTEM_ALARM_OBJECT_ACE = record

`Header: ACE_HEADER;`
`Mask: ACCESS_MASK;`
`Flags: DWORD;`
`ObjectType: GUID;`
`InheritedObjectType: GUID;`
`SidStart: DWORD;`

Security descriptor control

`SECURITY_DESCRIPTOR_CONTROL = WORD;`
`PSECURITY_DESCRIPTOR_CONTROL = ^SECURITY_DESCRIPTOR_CONTROL;`
`TSecurityDescriptorControl = SECURITY_DESCRIPTOR_CONTROL;`
`PSecurityDescriptorControl = PSECURITY_DESCRIPTOR_CONTROL;`

Security descriptor relative

SECURITY_DESCRIPTOR_RELATIVE = _SECURITY_DESCRIPTOR_RELATIVE;

TSecurityDescriptorRelative = SECURITY_DESCRIPTOR_RELATIVE;

PSecurityDescriptorRelative = PSECURITY_DESCRIPTOR_RELATIVE;

PSECURITY_DESCRIPTOR_RELATIVE = ^SECURITY_DESCRIPTOR_RELATIVE;

_SECURITY_DESCRIPTOR_RELATIVE = record

`Revision: Byte;`
`Sbz1: Byte;`
`Control: SECURITY_DESCRIPTOR_CONTROL;`
`Owner: DWORD;`
`Group: DWORD;`
`Sacl: DWORD;`
`Dacl: DWORD;`

Security descriptor

SECURITY_DESCRIPTOR = _SECURITY_DESCRIPTOR;

TSecurityDescriptor = SECURITY_DESCRIPTOR;

PSecurityDescriptor = PSECURITY_DESCRIPTOR;

PPSECURITY_DESCRIPTOR = ^PSECURITY_DESCRIPTOR;

PSECURITY_DESCRIPTOR = ^SECURITY_DESCRIPTOR;

_SECURITY_DESCRIPTOR = record

`Revision: Byte;`
`Sbz1: Byte;`
`Control: SECURITY_DESCRIPTOR_CONTROL;`
`Owner: PSID;`
`Group: PSID;`
`Sacl: PACL;`
`Dacl: PACL;`

Well known SID type

WELL_KNOWN_SID_TYPE = (

`WinNullSid,`
`WinWorldSid,`
`WinLocalSid,`
`WinCreatorOwnerSid,`
`WinCreatorGroupSid,`
`WinCreatorOwnerServerSid,`
`WinCreatorGroupServerSid,`
`WinNtAuthoritySid,`
`WinDialupSid,`
`WinNetworkSid,`
`WinBatchSid,`
`WinInteractiveSid,`
`WinServiceSid,`
`WinAnonymousSid,`
`WinProxySid,`
`WinEnterpriseControllersSid,`
`WinSelfSid,`
`WinAuthenticatedUserSid,`
`WinRestrictedCodeSid,`
`WinTerminalServerSid,`
`WinRemoteLogonIdSid,`
`WinLogonIdsSid,`
`WinLocalSystemSid,`
`WinLocalServiceSid,`
`WinNetworkServiceSid,`
`WinBuiltinDomainSid,`
`WinBuiltinAdministratorsSid,`
`WinBuiltinUsersSid,`
`WinBuiltinGuestsSid,`
`WinBuiltinPowerUsersSid,`
`WinBuiltinAccountOperatorsSid,`
`WinBuiltinSystemOperatorsSid,`
`WinBuiltinPrintOperatorsSid,`
`WinBuiltinBackupOperatorsSid,`
`WinBuiltinReplicatorSid,`
`WinBuiltinPreWindows2000CompatibleAccessSid,`
`WinBuiltinRemoteDesktopUsersSid,`
`WinBuiltinNetworkConfigurationOperatorsSid,`
`WinAccountAdministratorSid,`
`WinAccountGuestSid,`
`WinAccountKrbtgtSid,`
`WinAccountDomainAdminsSid,`
`WinAccountDomainUsersSid,`
`WinAccountDomainGuestsSid,`
`WinAccountComputersSid,`
`WinAccountControllersSid,`
`WinAccountCertAdminsSid,`
`WinAccountSchemaAdminsSid,`
`WinAccountEnterpriseAdminsSid,`
`WinAccountPolicyAdminsSid,`
`WinAccountRasAndIasServersSid);`
`TWellKnownSidType = WELL_KNOWN_SID_TYPE;`

Well known SID

PWellKnownSid = ^TWellKnownSid;

TWellKnownSid = record

`SidHeader:TSID;`
`SubAuthorities:array[0..5] of DWORD;`

Well known ACE

TWellKnownAce = record

Note: Not Packed (Descriptor Ace defaults)
`AceType:Byte;`
`AceFlags:Byte;`
`AceSize:Word;`
`Mask:LongWord;`
`Sid:TWellKnownSidType;`

Well known ACL

TWellKnownAcl = record

Note: Not Packed (Descriptor Acl defaults)
`AclRevision:Byte;`
`AclSize:Word;`
`AceCount:Word;`
`Aces:array[0..7] of TWellKnownAce;`

Well known descriptor

PWellKnownDescriptor = ^TWellKnownDescriptor;

TWellKnownDescriptor = record

Note: Not Packed (Descriptor defaults)
`Size:LongWord;`
`Revision:Byte;`	Revision
`Control:Word;`	Control Flags
`OwnerOffset:LongWord;`	Offset to Owner SID
`GroupOffset:LongWord;`	Offset to Group SID
`SaclOffset:LongWord;`	Offset to SACL
`DaclOffset:LongWord;`	Offset to DACL
`Owner:TWellKnownSidType;`
`Group:TWellKnownSidType;`
`Sacl:TWellKnownAcl;`
`Dacl:TWellKnownAcl;`

Public variables

None defined