Windows implements
this logic in a function called AccessCheck. The two phases of the AccessCheck function we
are going to talk about in this section are the privilege check and the DACL check.
Chapter 16: Exploiting Windows Access Control Model for Local Elevation of Privilege
OI (Object Inheritance): New noncontainer child objects will be explicitly granted this ACE on creation, by default. In our directory example, "noncontainer child objects" is a fancy way of saying "files." This ACE would be inherited in the same way a file would get a normal effective ACE. New container child objects will not receive this ACE effectively but will have it as an inherit-only ACE to pass on to their child objects. In our directory example, "container child objects" is a fancy way of saying "subdirectories."

CI (Container Inheritance): Container child objects inherit this ACE as a normal effective ACE. This ACE has no effect on noncontainer child objects.

IO (Inherit Only): Inherit-only ACEs don't actually affect the object to which they are attached. They exist only to be passed on to child objects.

Table 16-1 Inheritance flags
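The rules in Table 16-1 can be traced with a small model, added here as an illustration and not taken from the book. The function names are hypothetical; the flag values are those in the Windows SDK header winnt.h. The model assumes only the three flags in the table and leaves out NO_PROPAGATE_INHERIT_ACE and the INHERITED_ACE marker that Windows sets on inherited copies.

```python
# ACE inheritance flag bits; values match the Windows SDK header winnt.h.
OBJECT_INHERIT_ACE = 0x01     # OI
CONTAINER_INHERIT_ACE = 0x02  # CI
INHERIT_ONLY_ACE = 0x08       # IO


def is_effective(flags):
    """An ACE takes part in access decisions on its own object unless it is IO."""
    return not flags & INHERIT_ONLY_ACE


def child_ace_flags(parent_flags, child_is_container):
    """Return the flags a new child's copy of the ACE carries, or None if the
    child receives no copy. Hypothetical helper modelling Table 16-1 only."""
    oi = parent_flags & OBJECT_INHERIT_ACE
    ci = parent_flags & CONTAINER_INHERIT_ACE
    if not child_is_container:
        # Files: OI yields a normal effective ACE; CI alone has no effect.
        # A file has no children, so its copy carries no inheritance flags.
        return 0 if oi else None
    if ci:
        # Subdirectory with CI: effective copy that keeps propagating (IO cleared).
        return oi | ci
    if oi:
        # Subdirectory with OI only: held inherit-only to pass on to its files.
        return OBJECT_INHERIT_ACE | INHERIT_ONLY_ACE
    return None


def describe(flags):
    """Render a flag value as 'effective'/'inherit-only' plus the flag names."""
    if flags is None:
        return "not inherited"
    names = [n for bit, n in ((OBJECT_INHERIT_ACE, "OI"), (CONTAINER_INHERIT_ACE, "CI"),
                              (INHERIT_ONLY_ACE, "IO")) if flags & bit]
    state = "effective" if is_effective(flags) else "inherit-only"
    return f"{state} [{'|'.join(names) or 'no flags'}]"


if __name__ == "__main__":
    # Constructed sample: flag combinations on a parent directory's ACE.
    for label, parent in (("OI", 0x01), ("CI", 0x02), ("OI|CI", 0x03), ("OI|CI|IO", 0x0B)):
        print(f"parent {label:9} applies to parent itself: {is_effective(parent)}")
        print(f"  new file   -> {describe(child_ace_flags(parent, False))}")
        print(f"  new subdir -> {describe(child_ace_flags(parent, True))}")
```

When auditing a directory DACL, the OI|CI|IO case is the one to watch: the ACE grants nothing on the directory itself but becomes effective on every file and subdirectory created beneath it.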
AccessCheck's Privilege Check
Remember that AccessCheck is a generic function that is run before granting access
to any securable object or procedure.