SD Edit
Security Descriptor Editor
Since the first release of Windows NT, security descriptors have been used to control authorization for system resources in a unified way. Security descriptors can be applied to every file, key, process, thread, event, mutex, semaphore, desktop, job, section, Active Directory object, and many other object types that exist on a NT system.
The original security descriptor editor that shipped with NT 3.1 was barely functional. Even the new editor introduced in Windows 2000 has limitations.
SD Edit is designed to expose the full functionality of security descriptors by presenting them in a direct form and by giving you full control over the details. It presents the elements of a security descriptor in a more direct form than the shell editor, and so requires you to better understand how they work at a low level.
SD Edit documentation introduction, table of contents
SD Edit 1.6 released 2009-11-08:
Download SDEdit v1.6 binary + documentation 32 bit (404 KiB)
Download SDEdit v1.6 binary + documentation 64 bit (443 KiB)
Download SDEdit v1.6 source (593KiB) (licensed under the GNU GPL v2)
Older releases:
2007-05-24 SDEdit 1.5.1 source2007-04-16 SDEdit 1.5 source
2007-01-10 SDEdit 1.4 source
2006-12-11 SDEdit 1.3 source
2006-11-08 SDEdit 1.2 source
2006-11-02 SDEdit 1.1 source
2006-10-25 SDEdit 1.0 source