sometimes you right click/properties/security on things like files and you see some garbled things like S-1-5-7blablabla...
They are called security identifiers (SID), I bet at some point you thought that they were just "messed up things" or garbage or something like that?
well, they actually have a meaning, here's a full list:
Anonymous Logon (S-1-5-7): A user who has connected to the computer without supplying a user name and password.
Authenticated Users (S-1-5-11): Includes all users and computers whose identities have been authenticated. Authenticated Users does not include Guest even if the Guest account has a password.
Batch (S-1-5-3): Includes all users who have logged on through a batch queue facility such as task scheduler jobs.
Creator Owner (S-1-3-0): A placeholder in an inheritable access control entry (ACE). When the ACE is inherited, the system replaces this SID with the SID for the object's current owner.
Creator Group (S-1-3-1): A placeholder in an inheritable ACE. When the ACE is inherited, the system replaces this SID with the SID for the primary group of the object's current owner.
Dialup (S-1-5-1): Includes all users who are logged on to the system through a dial-up connection.
Everyone (S-1-1-0): On computers running Windows Server 2003 operating systems, Everyone includes Authenticated Users and Guest. On computers running earlier versions of the operating system, Everyone includes Authenticated Users and Guest plus Anonymous Logon.
For more information, see Differences in default security settings.
Interactive (S-1-5-4): Includes all users logging on locally or through a Remote Desktop connection.
Local System (S-1-5-18): A service account that is used by the operating system.
Network (S-1-5-2): Includes all users who are logged on through a network connection. Access tokens for interactive users do not contain the Network SID.
Self (or Principal Self) (S-1-5-10): A placeholder in an ACE on a user, group, or computer object in Active Directory. When you grant permissions to Principal Self, you grant them to the security principal represented by the object. During an access check, the operating system replaces the SID for Principal Self with the SID for the security principal represented by the object.
Service (S-1-5-6): A group that includes all security principals that have logged on as a service. Membership is controlled by the operating system.
Terminal Server Users (S-1-5-13): Includes all users who have logged on to a Terminal Services server that is in Terminal Services version 4.0 application compatibility mode.
Other Organization (S-1-5-1000): Causes a check to ensure that a user from another forest or domain is allowed to authenticate to a particular service.
This Organization (S-1-5-15): Added by the authentication server to the authentication data of a user, provided the Other Organization SID is not already present.
that's it! now you still don't know what they are because you didn't read this thing, but you have a reference that you can keep in your bookmarks