From fca7031da9962c27cfa82a52a50b6fc23aa494de Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Fri, 17 Jun 2005 07:18:30 +0000 Subject: [PATCH] r7679: update the documentation of security_description_create() metze (This used to be commit 6ad7ffab043c3b510f4dff052973a054e5a75779) --- source4/libcli/security/security_descriptor.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/source4/libcli/security/security_descriptor.c b/source4/libcli/security/security_descriptor.c index 54c4bcb6cbb..d1978fd795c 100644 --- a/source4/libcli/security/security_descriptor.c +++ b/source4/libcli/security/security_descriptor.c @@ -287,7 +287,10 @@ BOOL security_descriptor_mask_equal(const struct security_descriptor *sd1, /* create a security descriptor using string SIDs. This is used by the torture code to allow the easy creation of complex ACLs - This is a varargs function. The list of ACEs ends with a NULL sid. + This is a varargs function. The list of DACL ACEs ends with a NULL sid. + + Each ACE contains a set of 4 parameters: + SID, ACCESS_TYPE, MASK, FLAGS a typical call would be: @@ -299,7 +302,7 @@ BOOL security_descriptor_mask_equal(const struct security_descriptor *sd1, SEC_FILE_ALL, SEC_ACE_FLAG_OBJECT_INHERIT, NULL); - that would create a sd with one ACE + that would create a sd with one DACL ACE */ struct security_descriptor *security_descriptor_create(TALLOC_CTX *mem_ctx, const char *owner_sid,