cacls

In computing, cacls and its replacement, icacls, are Microsoft Windows native command line utilities capable of displaying and modifying the security descriptors on folders and files. An access control list is a list of permissions for securable object, such as a file or folder, that controls who can access it.

cacls

The cacls.exe utility is a deprecated command line editor of directory and file security descriptors in Windows NT 3.5 and later operating systems of the Windows NT family. Microsoft has produced the following newer utilities, some also subsequently deprecated, that offer enhancements to support changes introduced with version 3.0 of the NTFS filesystem:

icacls

Stands for Integrity Control Access Control List. Windows Server 2003 Service Pack 2 and later include icacls, an in-box command-line utility that can display, modify, backup and restore ACLs for files and folders, as well as to set integrity levels and ownership in Vista and later versions. It is not a complete replacement for cacls, however. For example, it does not support Security Descriptor Definition Language (SDDL) syntax directly via command line parameters (only via the /restore option).

Problems

All known versions of icacls have a serious bug:[12] on objects with protected ACLs, icacls

See also

References

  1. "How to use Xcacls.exe to modify NTFS permissions (Revision: 4.5)". Microsoft Support. Microsoft Corporation. 2 March 2007. Retrieved 24 December 2011.
  2. "Xcacls syntax". Microsoft TechNet. Microsoft Corporation. 28 March 2003. Retrieved 30 October 2012.
  3. "Windows 2000 Resource Kit Tool: Xcacls.exe". Microsoft Download Center. Microsoft Corporation. 15 May 2002. Retrieved 24 December 2011.
  4. "Windows XP Service Pack 2 Support Tools". Microsoft Download Center. Microsoft Corporation. 10 August 2004. Retrieved 24 December 2011.
  5. "How to use Xcacls.vbs to modify NTFS permissions (Revision: 2.4)". Microsoft Support. Microsoft Corporation. 30 October 2006. Retrieved 24 December 2011.
  6. "Extended Change Access Control List Tool (Xcacls)" (2 July 2004). Microsoft Download Center. Microsoft Corporation. Retrieved 24 December 2011. Xcacls.vbs is an unsupported tool that provides additional capabilities not provided with the supported utility, Xcacls.exe.
  7. "FILEACL v3.0.1.6". Microsoft. 2004-03-23. Archived from the original on March 22, 2009.
  8. "The Icacls.exe utility is available for Windows Server 2003 with Service Pack 2 (Revision: 4.0)". Microsoft Support. Microsoft Corporation. 9 October 2011. Retrieved 24 December 2011.
  9. "Icacls". Microsoft TechNet. Microsoft Corporation. 28 September 2007. Retrieved 24 December 2011.
  10. "Get-Acl". Microsoft TechNet. Microsoft Corporation. 21 April 2010. Retrieved 31 October 2012.
  11. "Set-Acl". Microsoft TechNet. Microsoft Corporation. 21 April 2010. Retrieved 31 October 2012.
  12. ICACLS.EXE ignores and destroys SE_DACL_PROTECTED/SE_SACL_PROTECTED

Further reading

This article is issued from Wikipedia - version of the 10/11/2016. The text is available under the Creative Commons Attribution/Share Alike but additional terms may apply for the media files.