Редагувати

Поділитися через


CommonObjectSecurity.RemoveAccessRule(AccessRule) Method

Definition

Removes access rules that contain the same security identifier and access mask as the specified access rule from the Discretionary Access Control List (DACL) associated with this CommonObjectSecurity object.

protected:
 bool RemoveAccessRule(System::Security::AccessControl::AccessRule ^ rule);
protected bool RemoveAccessRule (System.Security.AccessControl.AccessRule rule);
member this.RemoveAccessRule : System.Security.AccessControl.AccessRule -> bool
Protected Function RemoveAccessRule (rule As AccessRule) As Boolean

Parameters

rule
AccessRule

The access rule to remove.

Returns

true if the access rule was successfully removed; otherwise, false.

Remarks

Access removal is accomplished by using a complex algorithm that might add access control rules in addition to removing them.

This method fails to remove the access rule and returns false if the inheritance rules associated with the access rule are too complex for the removal algorithm to succeed.

To avoid unintentionally allowing access to principals, applications should check for the existence of an allow everyone full access (AEFA) access control entry (ACE) and remove it before modifying a DACL.

Applies to