Since the first release of Windows NT, security descriptors have been used to control authorization for system resources in a unified way. Security descriptors can be applied to every file, key, process, thread, event, mutex, semaphore, desktop, job, section, Active Directory object, and many other object types that exist on a NT system. The standard Windows editor doesn't expose the full functionality or full range of securable objects available. Furthermore, the shell editor tends to oversimplify the structure of ACLs. SD Edit is designed to expose the full functionality of security descriptors by presenting them in a direct form and by giving you full control over the details. SD Edit gives experts that are running into the standard shell editor's limitations full control over the content and application of security descriptors.