QueryDACL is a tool for querying the ACL's (access control lists) and ACE's (access control entries) of files, services, registry keys, printers, processes, threads, timers, mutexes, tokens, events, and semaphores in Windows 2000 and later. QueryDACL allows you to quickly and easily see which accounts have what level of access to a particular securable Windows object without the need to open a GUI. In an ordinary Windows installation, about the only tools you get to be able to view DACLs on the command line are cacls/icacls for files, and sc for services. Even then, the output is more or less cryptic unless you know what all the abbreviations mean. QueryDACL not only centralizes this functionality of displaying discretionary access control lists (DACLs) in a single application, it provides the results in plain English. Including those mentioned above, QueryDACL also supports viewing of desktop and windowstation security descriptors in addition to that of the Service Control Manager. The ability to check the permissions on remote files, pipes, and printers is also included amongst others.