ACL Entry Types for Dissimilar DCE Releases
The extended entry type provides a generic format for ACL entries that allows future DCE releases to implement new ACL entry types. Because the new types are "packaged'' in the generic format of the extended entry, earlier DCE releases can copy, display, and print the new entry types even if they cannot interpret their meaning.
Copying ACLs tells how to copy extended entries. Note that extended entries cannot be modified; however, they can be deleted.
An extended ACL entry has the following form:
{extended uuid.ndr.ndr.ndr.ndr.number_of_bytes.data permissions}
where:
uuid
A UUID that identifies the entry type of the extended ACL entry. (This UUID can identify one of the ACL entry types described in this document or an as-yet-undefined ACL
entry type.)
ndr.ndr.ndr.ndr
A Network Data Representation (NDR) format label (in hexadecimal format and separated by dots) that identifies the encoding of data.
number_of_bytes
A decimal number that specifies the total number of bytes in data. It is followed by a dot.
data
The ACL data in hexadecimal format. (Each byte of ACL data is two hexadecimal digits.) The ACL data includes all of the ACL entry specification except the permissions.
The ACL data is not interpreted; it is assumed that the ACL manager to which the data is being passed can understand that data.
permissions
The permissions to be granted by the entry.