:py:mod:`dissect.ntfs.secure` ============================= .. py:module:: dissect.ntfs.secure Module Contents --------------- Classes ~~~~~~~ .. autoapisummary:: dissect.ntfs.secure.Secure dissect.ntfs.secure.SecurityDescriptor dissect.ntfs.secure.ACL dissect.ntfs.secure.ACE .. py:class:: Secure(record: dissect.ntfs.mft.MftRecord = None, sds: BinaryIO = None) Lookup security descriptors from the ``$Secure`` file, or optionally just a file-like object of the ``$SDS``. Only one the ``record`` or ``sds`` arguments needs to be provided. :param record: The MFT record of the ``$Secure`` file, used when opening from a full NTFS volume. :param sds: A file-like object of the ``$SDS`` stream, used when opening from separate system files. .. py:method:: lookup(security_id: int) -> SecurityDescriptor Lookup a security descriptor by the security ID. An index is used if available (``$SII``), otherwise we iterate all entries until we find the correct one. :param security_id: The security ID to lookup. :raises KeyError: If the security ID can't be found. .. py:method:: descriptors() -> Iterator[SecurityDescriptor] Return all security descriptors. .. py:class:: SecurityDescriptor(fh: BinaryIO) Parse a security descriptor from a file-like object. :param fh: The file-like object to parse a security descriptor from. .. py:class:: ACL(fh: BinaryIO) Parse an ACL from a file-like object. :param fh: The file-like object to parse an ACL from. .. py:class:: ACE(fh: BinaryIO) Parse an ACE from a file-like object. :param fh: The file-like object to parse an ACE from. .. py:property:: type :type: dissect.ntfs.c_ntfs.ACE_TYPE Return the ACE type. .. py:property:: is_standard_ace :type: bool Return whether this ACE is a standard ACE. .. py:property:: is_compound_ace :type: bool Return whether this ACE is a compound ACE. .. py:property:: is_object_ace :type: bool Return whether this ACE is an object ACE. .. py:method:: __repr__() -> str Return repr(self).