Skip to main content

Posts

Showing posts from December, 2005

how to decipher sddl for useful stuff

i was counting my lucky stars that i never had to give any thought to deciphering SDDLs (security descriptor definition language). some people have written entire diatribes on the subject. for me, i just need a reference. hence, my posting... sddl is broken down into four parts:
object primary group daclsacl sddl string is easier to look at like this since there are no spaces or visible terminators other than the colon:
o:[sid_string]g:[sid_string]d:[dacl_flags](ace_string) it's important to note the format of the ace string is broken down like this:
[ace_type];[ace_flags];[rights];[object_guid];[inherit_object_guid];[account_sid] i created a file called text.txt in my c:\temp directory. in the GUI, it's expressed as this:
Administrators - Full Control SYSTEM - Full Control Users - Read & Execute in sddl, it's expressed as:
O:BAG:DUD:ARAI(A;;FA;;;BA)(A;;FA;;;SY)(A;;0x1200a9;;;BU)(A;ID;FA;;;BA)(A;ID;FA;;;SY)(A;ID;0x1200a9;;;BU)
from this, we know that the fir…

monad dependencies

if you're upgrading to the newest version of monad that runs on the .net framework 2.0 production release, make sure that you remove monad prior to uninstalling .net framework 2.0 beta 2. otherwise, you won't be able to uninstall monad to install the new version. so here's the steps: uninstall monaduninstall .net framework 2.0 beta 2install .net framework 2.0 (production release)install monad