แก้ไข

แชร์ผ่าน


CommonSecurityDescriptor.PurgeAccessControl(SecurityIdentifier) Method

Definition

Removes all access rules for the specified security identifier from the Discretionary Access Control List (DACL) associated with this CommonSecurityDescriptor object.

public:
 void PurgeAccessControl(System::Security::Principal::SecurityIdentifier ^ sid);
public void PurgeAccessControl (System.Security.Principal.SecurityIdentifier sid);
member this.PurgeAccessControl : System.Security.Principal.SecurityIdentifier -> unit
Public Sub PurgeAccessControl (sid As SecurityIdentifier)

Parameters

sid
SecurityIdentifier

The security identifier for which to remove access rules.

Remarks

To avoid unintentionally allowing access to principals, applications should check for the existence of an allow everyone full access (AEFA) access control entry (ACE) and remove it before modifying a DACL.

Applies to