Windows: QuerySecurity deny access to SACL
The SACL requires System Access Level. Requests for SACL by
end user applications must be denied. Permit access to Owner,
Group, DACL and Label but not SACL.
This change permits executables to be initiated from drive
letter mappings.
Change-Id: Ibf847261f0c36dc7b6175b0536657161158cd44f
Reviewed-on: http://gerrit.openafs.org/8483
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Rod Widdowson <rdw@steadingsoftware.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>