Summary
Windows implements an extensive security model that goes beyond the one offered by standard UNIX. All objects, and not just files, can be secured. The example programs have shown how to emulate the UNIX permissions and ownership that are set with the umask, chmod, and chown functions. Programs can also set the owner (group and user). The emulation is not easy, but the functionality is much more powerful. The complexity reflects the Orange Book C2-level requirements, which specify the access control lists and object owners with access tokens.
Looking Ahead
This chapter completes our presentation of the Windows API. The next chapter discusses Win64, the 64-bit extension to the Win32 API, and shows how to ensure that programs will build and run properly in both 32-bit and 64-bit modes.
Additional Reading
Windows
Microsoft Windows Security Inside Out for Windows XP and Windows 2000, by Ed Bott and Carl Siechert, discusses Windows security administration and security policies. Programming Server-Side Applications for Microsoft Windows 2000, by Jeffrey Richter and Jason Clark, also describes security in depth.
Windows NT Design and Architecture
Inside Windows 2000, by David Solomon and Mark Russinovich, describes the internal implementation of Windows security in detail.
Orange Book Security
The U.S. Department of Defense publication DoD Trusted Computer System Evaluation Criteria specifies the C2 and other security levels. Windows is C2 certified.