The SYSTEM_RESOURCE_ATTRIBUTE_ACE structure defines an ACE for the specification of a resource attribute associated with an object. A SYSTEM_RESOURCE_ATTRIBUTE_ACE is used in conditional ACEs in specifying access or audit policy for the resource.
|
|
|
|
|
|
|
|
|
|
1 |
|
|
|
|
|
|
|
|
|
2 |
|
|
|
|
|
|
|
|
|
3 |
|
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Header |
|||||||||||||||||||||||||||||||
|
Mask |
|||||||||||||||||||||||||||||||
|
Sid (variable) |
|||||||||||||||||||||||||||||||
|
... |
|||||||||||||||||||||||||||||||
|
Attribute Data (variable) |
|||||||||||||||||||||||||||||||
|
... |
|||||||||||||||||||||||||||||||
Header (4 bytes): An ACE_HEADER structure that specifies the size and type of the ACE. It also contains flags that control applicability and inheritance of the ACE by child objects.
Mask (4 bytes): An ACCESS_MASK that MUST be set to zero.
Sid (variable): The SID corresponding to the Everyone SID (S-1-1-0) in binary form.
Attribute Data (variable): Data describing a resource attribute type, name, and value(s). This data MUST be encoded in CLAIM_SECURITY_ATTRIBUTE_RELATIVE_V1 format as described in section 2.4.10.1