From Wikipedia, the free encyclopedia - View original article
|This article includes a list of references, but its sources remain unclear because it has insufficient inline citations. (February 2008)|
In computing, cacls and its replacement, icacls, are Microsoft Windows native command line utilities capable of displaying and modifying the security descriptors on folders and files. An access control list is a list of permissions for securable object, such as a file or folder, that controls who can access it.
|This section requires expansion with: general description, examples and additional citations. (September 2009)|
The cacls.exe utility is a deprecated command line editor of directory and file security descriptors in Windows NT 3.5 and Windows NT. Microsoft has produced the following newer utilities, some also subsequently deprecated, that offer enhancements to support changes introduced with version 3.0 of the NTFS filesystem:
Stands for Integrity Control Access Control List. Windows Server 2003 Service Pack 2 and later include icacls, an in-box command-line utility that can display, modify, backup and restore ACLs for files and folders, as well as to set integrity levels and ownership in Vista and later versions. It is not a complete replacement for cacls, however. For example, it does not support Security Descriptor Definition Language (SDDL) syntax directly via command line parameters (only via the /restore option).
All known versions of icacls have a serious bug: on objects with protected ACLs, icacls
Xcacls.vbs is an unsupported tool that provides additional capabilities not provided with the supported utility, Xcacls.exe.