|
Allowing Access
You can allow all access to an object by adding a NULL discretionary
access-control list (DACL) to the object's security descriptor. Unlike an empty DACL
that denies all access, a NULL DACL grants everyone full access to the object. You
can also grant access to a specified trustee by using a DACL that has one or
more access-allowed ACEs.
This topic includes examples that use the high-level access-control functions
provided by Windows NT version 4.0. For an example that uses the older
low-level access control functions, see Allowing Access Using the Low-Level Functions.
The first example uses the SetNamedSecurityInfo function to attach a NULL DACL to a file. The SetNamedSecurityInfo call specifies the DACL_SECURITY_INFORMATION flag to indicate that it is
setting the file's DACL; and it passes a NULL pointer for the pDacl parameter.
// grant full access to everyone with a NULL DACL
dwRes = SetNamedSecurityInfo(TEXT("myfile"), SE_FILE_OBJECT,
DACL_SECURITY_INFORMATION,
NULL, NULL, NULL, NULL);
The second example adds an access-allowed ACE to the DACL of an object. The
example uses the GetNamedSecurityInfo function to get the existing DACL. Then it uses the BuildExplicitAccessWithName and SetEntriesInAcl functions to merge a new ACE with any existing ACEs in the DACL. Finally, the
example calls the SetNamedSecurityInfo function to attach the new DACL to the object's security descriptor.
DWORD AddAceToAcl (LPTSTR lpObjectName, SE_OBJECT_TYPE ObjectType)
{
DWORD dwRes;
PACL pOldDACL, pNewDACL;
PSECURITY_DESCRIPTOR pSD;
EXPLICIT_ACCESS ea;
if (NULL == lpObjectName)
return ERROR_INVALID_PARAMETER;
// get a pointer to the existing DACL
dwRes = GetNamedSecurityInfo(lpObjectName, ObjectType,
DACL_SECURITY_INFORMATION,
NULL, NULL, &pOldDACL, NULL, &pSD);
if (ERROR_SUCCESS != dwRes)
return dwRes;
// initialize an EXPLICIT_ACCESS structure to allow access
ZeroMemory(&ea, sizeof(EXPLICIT_ACCESS));
BuildExplicitAccessWithName(&ea, "duke", GENERIC_READ,
SET_ACCESS, NO_INHERITANCE);
// create an new ACL by merging the EXPLICIT_ACCESS structure
// with the existing DACL
dwRes = SetEntriesInAcl(1, &ea, pOldDACL, &pNewDACL);
if (ERROR_SUCCESS != dwRes)
goto Cleanup;
// attach the new ACL as the object's DACL
dwRes = SetNamedSecurityInfo(lpObjectName, ObjectType,
DACL_SECURITY_INFORMATION,
NULL, NULL, pNewDACL, NULL);
// free the buffers returned by SetEntriesInAcl
// and GetNamedSecurityInfo
Cleanup:
if(pSD != NULL)
LocalFree((HLOCAL) pSD);
if(pNewDACL != NULL)
LocalFree((HLOCAL) pNewDACL);
return dwRes;
}
| Last news from Greatis Software |
 |
|
Nostalgia .Net |
|
.Net is powerful, but not all-powerful, so sometimes we need to use Win32 API for our .Net applications. It's simple enough with Platform Invoke if you have Win32 skill, but we do not always have time to dig the ancient documentation, declare the special types that are compatible with Win32, find the values of the Win32's constants and so on. Nostalgia .Net offers several simple-to-use classes, and components that will allow you to forget about the headache of Win32 and just use the power of Win32 in your application the same way as you use the native. Net classes. More » |
| Recommended software for developers |
 |
|
Ultimate Pack |
|
Component pack for Delphi and C++ Builder that contains runtime form designer, runtime object inspector, print suite and much more for the very special price. More » |
 |
|
Form Designer .Net |
|
Unique runtime form design solution that allows to edit any form in .Net WinForms application at runtime with full source codes for only 300 euro! More » |
 |
|
Print Suite .Net |
|
Print Suite .Net is a set of components for easy printing texts, images and grids from your WinForms applications. Full C# source codes are available More » |
 |
|
Gradient Controls .Net |
|
Gradient Controls .Net offers controls with gradient background feature. Labels, panels and so on... Full C# source codes are available More » |
 |
|
Greatis iGrid |
|
iGrid plots drawing grid right over your desktop, so you can use it everywhere, with any drawing application without any special plugins for different graphic editors. More » |
All the contacts and projectsDmitry Vasiliev (just.dmitry)
Related LinksSoftware for Visual Studio .NET developers
Software for Delphi and C++ Builder developers
Software for Visual Basic 6 developers
Delphi Tips&Tricks
MegaDetailed.NET More Online Helps Win32 Programmer's Reference
Win32 Multimedia Programmer's Reference
OLE Programmer's Reference
Microsoft Windows Pen API Programmer's Reference
Microsoft Windows Sockets 2 Reference
Microsoft Windows Telephony API (TAPI) Programmer's Reference
Unix Manual Pages
|
