共用方式為


2.4.4.6 ACCESS_ALLOWED_CALLBACK_ACE

The ACCESS_ALLOWED_CALLBACK_ACE structure defines an ACE for the DACL that controls access to an object. An access-allowed ACE allows access to an object for a specific trustee identified by a SID.


0


1


2


3


4


5


6


7


8


9

1
0


1


2


3


4


5


6


7


8


9

2
0


1


2


3


4


5


6


7


8


9

3
0


1

Header

Mask

Sid (variable)

...

ApplicationData (variable)

...

Header (4 bytes): An ACE_HEADER structure that specifies the size and type of ACE. It also contains flags that control inheritance of the ACE by child objects.

Mask (4 bytes): An ACCESS_MASK that specifies the user rights allowed by this ACE.

Sid (variable): The SID of a trustee. The length of the SID MUST be a multiple of 4.

ApplicationData (variable): Optional application data. The size of the application data is determined by the AceSize field of the ACE_HEADER.