Summary

This chapter has provided an overview of Win32 API security features. It’s important to understand that these features represent basic security and that Win32 API security can become more complex. You should take knowledge of the two basic security tools (Access Control Editor and Security Configuration Editor) and the four basic security elements (SID, SACL, DACL, and ACE) from this chapter. In addition, you should have a better idea of when to use Win32 API security and when to avoid it.

What you need to consider now is whether you require Win32 API security for a current project. In most cases, the answer is going to be no, you can use the security features that the .NET Framework provides. However, as you begin interacting with unmanaged code, require special features, need access to Active Directory, or perform other complex tasks, the need to use Win32 API security increases. Planning for this security need is the best way to ensure that everything works as intended and the security features interact as you expect.

Chapter 15 is actually the second part of this chapter. The reason I divided the two parts is that many people only need the Win32 API features presented in this chapter. When you begin working in Chapter 15, you’ll notice that many of the features work directly with a network or perform low-level tasks that you won’t commonly perform. For example, Chapter 15 demonstrates a method for locking registry keys so that users can’t access them easily and your application settings remain safe.