Security Descriptors

This module implements security descriptors, and associated data structures, as specified in [MS-DTYP].

class smb.security_descriptors.SID(revision, identifier_authority, subauthorities)

A Windows security identifier. Represents a single principal, such a user or a group, as a sequence of numbers consisting of the revision, identifier authority, and a variable-length list of subauthorities.

See [MS-DTYP]: 2.4.2

class smb.security_descriptors.ACE(type_, flags, mask, sid, additional_data)

Represents a single access control entry.

See [MS-DTYP]: 2.4.4


Convenience property which indicates if this ACE is inherit only, meaning that it doesn’t apply to the object itself.

class smb.security_descriptors.ACL(revision, aces)

Access control list, encapsulating a sequence of access control entries.

See [MS-DTYP]: 2.4.5

class smb.security_descriptors.SecurityDescriptor(flags, owner, group, dacl, sacl)

Represents a security descriptor.

See [MS-DTYP]: 2.4.6