MyITBlog.com - IT Professionals Online Journal
 
Access Control Lists in Programming   
by sundararajan on 15 Nov 2005, 05:29

Access Control Lists:

- S. Sundararajan

 

ACLs are the means of implementing access control in most Microsoft operating systems (Windows NT, Windows XP, Windows 2000).

An access control list is nothing but a collection of ACEs (access control entries).

 

An access control entry is composed of two parts:

  1. Security ID (SID) – the account
  2. Description – what the account can do.

 

There are two types of ACLs:

  1. DACL – Discretionary access control list
  2. SACL – System access control list

 

DACL:

 

 Each DACL has one or more ACEs.

When some object tries to access the secured object, the system checks the ACEs in the object's DACL to determine whether to grant access to it. If the object does not have a DACL, the system grants full access to everyone. If the object's DACL has no ACEs, the system denies all attempts to access the object because the DACL does not allow any access rights. The system checks the ACEs in sequence until it finds one or more ACEs that allow all the requested access rights, or until any of the requested access rights are denied.

 

There is also the notion of a NULL DACL, which means no DACL at all: when the DACL that belongs to an object's security descriptor is set to NULL, the object has a NULL DACL. A NULL DACL gives access to everyone. This may result in denial-of-service attacks.

 

There is another notion called the empty DACL: an empty DACL is a DACL that does not contain any access control entries.

So when an object tries to access an object secured by an empty DACL, access is not allowed, because the system cannot find any ACE.

 

Here is the difference between a null DACL and an empty DACL.

Null DACL - access to everyone.

Empty DACL - deny access to everyone.
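
The check described above, written as a simplified C model. This is an added example, not code from the original post and not the Win32 API. It covers the NULL DACL, the empty DACL, and the in-sequence ACE evaluation, including how ACE order changes the result. The integer SIDs, rights bits and sample accounts are constructed for illustration; owner rights, groups and inheritance are left out.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified model of the DACL check, not the Win32 API: SIDs are plain
   integers; owner rights, groups and inheritance are left out. */
enum { R_READ = 1u, R_WRITE = 2u };
typedef enum { ACE_ALLOW, ACE_DENY } ace_type;
typedef struct { ace_type type; uint32_t sid; uint32_t mask; } ace;
typedef struct { size_t count; const ace *aces; } dacl;

/* Returns 1 if `sid` is granted every right in `wanted`, else 0.
   d == NULL models an object whose security descriptor has no DACL. */
int access_check(const dacl *d, uint32_t sid, uint32_t wanted)
{
    uint32_t remaining = wanted;
    if (d == NULL)
        return 1;                       /* NULL DACL: everyone gets full access */
    for (size_t i = 0; i < d->count && remaining != 0; i++) {
        const ace *e = &d->aces[i];
        if (e->sid != sid)
            continue;
        if (e->type == ACE_DENY && (e->mask & remaining) != 0)
            return 0;                   /* a still-needed right is denied: stop */
        if (e->type == ACE_ALLOW)
            remaining &= ~e->mask;      /* tick off the rights granted so far */
    }
    return remaining == 0;              /* empty DACL: nothing is ever granted */
}

/* Constructed sample data: the same two ACEs for ALICE in both orders. */
enum { ALICE = 1001u, BOB = 1002u };
static const ace deny_first_aces[]  = { { ACE_DENY,  ALICE, R_WRITE },
                                        { ACE_ALLOW, ALICE, R_READ | R_WRITE } };
static const ace allow_first_aces[] = { { ACE_ALLOW, ALICE, R_READ | R_WRITE },
                                        { ACE_DENY,  ALICE, R_WRITE } };
const dacl empty_dacl  = { 0, NULL };
const dacl deny_first  = { 2, deny_first_aces };
const dacl allow_first = { 2, allow_first_aces };

int main(void)
{
    printf("NULL DACL,   BOB write:   %d\n", access_check(NULL, BOB, R_WRITE));
    printf("empty DACL,  ALICE read:  %d\n", access_check(&empty_dacl, ALICE, R_READ));
    printf("deny first,  ALICE write: %d\n", access_check(&deny_first, ALICE, R_WRITE));
    printf("allow first, ALICE write: %d\n", access_check(&allow_first, ALICE, R_WRITE));
    return 0;
}
```
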

 

 

In general, however, an object's owner will have permission on it even if someone tries to deny him access. Every object has an owner.

 

SACL:

A SACL is nothing but an audit policy for the secured resource.

More specifically, a SACL specifies the following:

  • The group or user accounts to audit when accessing the object.
  • The access events to be audited for each group or user. An example of an access event is modifying a file.
  • A Success or Failure attribute for each access event, based on the permissions granted to each group and user in the object's DACL.

An object's ACL can contain ACEs that it inherited from its parent container. For example, an NTFS file can inherit ACEs from its container, a directory.

 

Setting ACLs:

 

Most probably programmers tend to set null DACLs for the objects that they request. This is because they find it much easier this way and their program works fine. But as programmers we should always be strict in setting access control lists. In most cases a null DACL will not be appropriate.

Based on the business requirements, we should segregate things and set the ACLs accordingly.

 

The topic of ACLs is described neatly in the book "Writing Secure Code" by David LeBlanc and Michael Howard. Some basics and the best practices for setting ACLs can be found in Windows XP Help.

 

 

 

 

 

 

 

 

 


 


Copyright © 2008 MyITBlog.com