Application Security, Part 8

Access control lists are available in Windows NT, Windows 2000, Windows XP and Windows Server 2003. They provide for what may be described as object-centric authorization, in which permissions are associated with objects, such as files and folders. Object-centric authorization is of very limited interest to application developers, because it is difficult to decompose operations that a user of an application might want to perform into permissions on objects.

[This posting is provided "AS IS" with no warranties, and confers no rights.]