The System.Security.AccessControl namespace provides programming elements that control access to and audit security-related actions on securable objects.
Type | Reason |
---|---|
AccessControlActions |
Specifies the actions that are permitted for securable objects. |
AccessControlModification |
Specifies the type of access control modification to perform. This enumeration is used by methods of the System.Security.AccessControl.ObjectSecurity class and its descendents. |
AccessControlSections |
Specifies which sections of a security descriptor to save or load. |
AccessControlType |
Specifies whether an System.Security.AccessControl.AccessRule object is used to allow or deny access. These values are not flags, and they cannot be combined. |
AccessRule |
Represents a combination of a user's identity, an access mask, and an access control type (allow or deny). An System.Security.AccessControl.AccessRule object also contains information about the how the rule is inherited by child objects and how that inheritance is propagated. |
AccessRule<T> |
Represents a combination of a user's identity, an access mask, and an access control type (allow or deny). An AccessRule`1 object also contains information about the how the rule is inherited by child objects and how that inheritance is propagated. |
AceEnumerator |
Provides the ability to iterate through the access control entries (ACEs) in an access control list (ACL). |
AceFlags |
Specifies the inheritance and auditing behavior of an access control entry (ACE). |
AceQualifier |
Specifies the function of an access control entry (ACE). |
AceType |
Defines the available access control entry (ACE) types. |
AuditFlags |
Specifies the conditions for auditing attempts to access a securable object. |
AuditRule |
Represents a combination of a user's identity and an access mask. An System.Security.AccessControl.AuditRule object also contains information about how the rule is inherited by child objects, how that inheritance is propagated, and for what conditions it is audited. |
AuditRule<T> |
Represents a combination of a user’s identity and an access mask. |
AuthorizationRule |
Determines access to securable objects. The derived classes System.Security.AccessControl.AccessRule and System.Security.AccessControl.AuditRule offer specializations for access and audit functionality. |
AuthorizationRuleCollection |
Represents a collection of System.Security.AccessControl.AuthorizationRule objects. |
CommonAce |
Represents an access control entry (ACE). |
CommonAcl |
Represents an access control list (ACL) and is the base class for the System.Security.AccessControl.DiscretionaryAcl and System.Security.AccessControl.SystemAcl classes. |
CommonObjectSecurity |
Controls access to objects without direct manipulation of access control lists (ACLs). This class is the abstract base class for the System.Security.AccessControl.NativeObjectSecurity class. |
CommonSecurityDescriptor |
Represents a security descriptor. A security descriptor includes an owner, a primary group, a Discretionary Access Control List (DACL), and a System Access Control List (SACL). |
CompoundAce |
Represents a compound Access Control Entry (ACE). |
CompoundAceType |
Specifies the type of a System.Security.AccessControl.CompoundAce object. |
ControlFlags |
These flags affect the security descriptor behavior. |
CryptoKeyAccessRule |
Represents an access rule for a cryptographic key. An access rule represents a combination of a user's identity, an access mask, and an access control type (allow or deny). An access rule object also contains information about the how the rule is inherited by child objects and how that inheritance is propagated. |
CryptoKeyAuditRule |
Represents an audit rule for a cryptographic key. An audit rule represents a combination of a user's identity and an access mask. An audit rule also contains information about the how the rule is inherited by child objects, how that inheritance is propagated, and for what conditions it is audited. |
CryptoKeyRights |
Specifies the cryptographic key operation for which an authorization rule controls access or auditing. |
CryptoKeySecurity |
Provides the ability to control access to a cryptographic key object without direct manipulation of an Access Control List (ACL). |
CustomAce |
Represents an Access Control Entry (ACE) that is not defined by one of the members of the System.Security.AccessControl.AceType enumeration. |
DirectoryObjectSecurity |
Provides the ability to control access to directory objects without direct manipulation of Access Control Lists (ACLs). |
DirectorySecurity |
Represents the access control and audit security for a directory. This class cannot be inherited. |
DiscretionaryAcl |
Represents a Discretionary Access Control List (DACL). |
EventWaitHandleAccessRule |
Represents a set of access rights allowed or denied for a user or group. This class cannot be inherited. |
EventWaitHandleAuditRule |
Represents a set of access rights to be audited for a user or group. This class cannot be inherited. |
EventWaitHandleRights |
Specifies the access control rights that can be applied to named system event objects. |
EventWaitHandleSecurity |
Represents the Windows access control security applied to a named system wait handle. This class cannot be inherited. |
FileSecurity |
Represents the access control and audit security for a file. This class cannot be inherited. |
FileSystemAccessRule |
Represents an abstraction of an access control entry (ACE) that defines an access rule for a file or directory. This class cannot be inherited. |
FileSystemAuditRule |
Represents an abstraction of an access control entry (ACE) that defines an audit rule for a file or directory. This class cannot be inherited. |
FileSystemRights |
Defines the access rights to use when creating access and audit rules. |
FileSystemSecurity |
Represents the access control and audit security for a file or directory. |
GenericAce |
Represents an Access Control Entry (ACE), and is the base class for all other ACE classes. |
GenericAcl |
Represents an access control list (ACL) and is the base class for the System.Security.AccessControl.CommonAcl, System.Security.AccessControl.DiscretionaryAcl, System.Security.AccessControl.RawAcl, and System.Security.AccessControl.SystemAcl classes. |
GenericSecurityDescriptor |
Represents a security descriptor. A security descriptor includes an owner, a primary group, a Discretionary Access Control List (DACL), and a System Access Control List (SACL). |
InheritanceFlags |
Inheritance flags specify the semantics of inheritance for access control entries (ACEs). |
KnownAce |
Encapsulates all Access Control Entry (ACE) types currently defined by Microsoft Corporation. All System.Security.AccessControl.KnownAce objects contain a 32-bit access mask and a System.Security.Principal.SecurityIdentifier object. |
MutexAccessRule |
Represents a set of access rights allowed or denied for a user or group. This class cannot be inherited. |
MutexAuditRule |
Represents a set of access rights to be audited for a user or group. This class cannot be inherited. |
MutexRights |
Specifies the access control rights that can be applied to named system mutex objects. |
MutexSecurity |
Represents the Windows access control security for a named mutex. This class cannot be inherited. |
NativeObjectSecurity |
Provides the ability to control access to native objects without direct manipulation of Access Control Lists (ACLs). Native object types are defined by the System.Security.AccessControl.ResourceType enumeration. |
NativeObjectSecurity+ExceptionFromErrorCode | Documentation for this section has not yet been entered. |
ObjectAccessRule |
Represents a combination of a user's identity, an access mask, and an access control type (allow or deny). An System.Security.AccessControl.ObjectAccessRule object also contains information about the type of object to which the rule applies, the type of child object that can inherit the rule, how the rule is inherited by child objects, and how that inheritance is propagated. |
ObjectAce |
Controls access to Directory Services objects. This class represents an Access Control Entry (ACE) associated with a directory object. |
ObjectAceFlags |
Specifies the presence of object types for Access Control Entries (ACEs). |
ObjectAuditRule |
Represents a combination of a user's identity, an access mask, and audit conditions. An System.Security.AccessControl.ObjectAuditRule object also contains information about the type of object to which the rule applies, the type of child object that can inherit the rule, how the rule is inherited by child objects, and how that inheritance is propagated. |
ObjectSecurity |
Provides the ability to control access to objects without direct manipulation of Access Control Lists (ACLs). This class is the abstract base class for the System.Security.AccessControl.CommonObjectSecurity and System.Security.AccessControl.DirectoryObjectSecurity classes. |
ObjectSecurity<T> |
Provides the ability to control access to objects without direct manipulation of Access Control Lists (ACLs); also grants the ability to type-cast access rights. |
PrivilegeNotHeldException |
The exception that is thrown when a method in the System.Security.AccessControl namespace attempts to enable a privilege that it does not have. |
PropagationFlags |
Specifies how Access Control Entries (ACEs) are propagated to child objects. These flags are significant only if inheritance flags are present. |
QualifiedAce |
Represents an Access Control Entry (ACE) that contains a qualifier. The qualifier, represented by an System.Security.AccessControl.AceQualifier object, specifies whether the ACE allows access, denies access, causes system audits, or causes system alarms. The System.Security.AccessControl.QualifiedAce class is the abstract base class for the System.Security.AccessControl.CommonAce and System.Security.AccessControl.ObjectAce classes. |
RawAcl |
Represents an Access Control List (ACL). |
RawSecurityDescriptor |
Represents a security descriptor. A security descriptor includes an owner, a primary group, a Discretionary Access Control List (DACL), and a System Access Control List (SACL). |
RegistryAccessRule |
Represents a set of access rights allowed or denied for a user or group. This class cannot be inherited. |
RegistryAuditRule |
Represents a set of access rights to be audited for a user or group. This class cannot be inherited. |
RegistryRights |
Specifies the access control rights that can be applied to registry objects. |
RegistrySecurity |
Represents the Windows access control security for a registry key. This class cannot be inherited. |
ResourceType |
Specifies the defined native object types. |
SecurityInfos |
Specifies the section of a security descriptor to be queried or set. |
SemaphoreAccessRule |
Represents a set of access rights allowed or denied for a user or group. This class cannot be inherited. |
SemaphoreAuditRule |
Represents a set of access rights to be audited for a user or group. This class cannot be inherited. |
SemaphoreRights |
Specifies the access control rights that can be applied to named system semaphore objects. |
SemaphoreSecurity |
Represents the Windows access control security for a named semaphore. This class cannot be inherited. |
SystemAcl |
Represents a System Access Control List (SACL). |