winacl

winacl copied to clipboard

winacl, a cross platforms Go library to work with ntSecurityDescriptor.

Features

• [x] Parsing of Access Control Entries (ACE) of various types:
  • [x] ACE type ACCESS_ALLOWED_ACE
  • [x] ACE type ACCESS_ALLOWED_OBJECT_ACE
  • [x] ACE type ACCESS_DENIED_ACE
  • [x] ACE type ACCESS_DENIED_OBJECT_ACE
  • [x] ACE type ACCESS_ALLOWED_CALLBACK_ACE
  • [x] ACE type ACCESS_DENIED_CALLBACK_ACE
  • [x] ACE type ACCESS_ALLOWED_CALLBACK_OBJECT_ACE
  • [x] ACE type ACCESS_DENIED_CALLBACK_OBJECT_ACE
  • [x] ACE type SYSTEM_AUDIT_ACE
  • [x] ACE type SYSTEM_AUDIT_OBJECT_ACE
  • [x] ACE type SYSTEM_AUDIT_CALLBACK_ACE
  • [x] ACE type SYSTEM_MANDATORY_LABEL_ACE
  • [x] ACE type SYSTEM_AUDIT_CALLBACK_OBJECT_ACE
  • [x] ACE type SYSTEM_RESOURCE_ATTRIBUTE_ACE
  • [x] ACE type SYSTEM_SCOPED_POLICY_ID_ACE
• [x] Parsing of SID
  • [x] Connect to LDAP to resolve sAMAccountNames of not well known SIDs
  • [x] Resolve names of well known SIDs
• [ ] Parsing of Access Control Lists (ACL):
  • [ ] Print if ACL is in canonical form

Contributing

Pull requests are welcome. Feel free to open an issue if you want to add other features.