|
Overview |
|
|
|
Group |
|
|
|
Quick Info
Windows NT
| Yes
| Win95
| No
| Win32s
| No
| Import Library
| advapi32.lib
| Header File
| aclapi.h
| Unicode
| WinNT
| Platform Notes
| None
|
|
|
BuildSecurityDescriptor
[New - Windows NT]
The
BuildSecurityDescriptor function allocates and initializes a new security descriptor. A security
descriptor is an opaque structure that contains the security information associated
with an object. The function can initialize the new security descriptor by
merging specified security information with the information in an existing
security descriptor. If you don't specify an existing security descriptor, the
function initializes a new security descriptor based on the specified security
information.
BuildSecurityDescriptor creates a self-relative security descriptor, which means that the security
descriptor stores a
SECURITY_DESCRIPTOR structure and associated security information in a contiguous block of
memory. The self-relative format makes the security descriptor suitable for storing
in a stream.
DWORD BuildSecurityDescriptor(
PTRUSTEE pOwner,
| // identifies owner for new security descriptor
|
PTRUSTEE pGroup,
| // identifies group for new security descriptor
|
ULONG cCountOfAccessEntries,
| // number of access-control entries in the list
|
PEXPLICIT_ACCESS pListOfAccessEntries,
| // pointer to list of access-control entries for DACL
|
ULONG cCountOfAuditEntries,
| // number of audit-control entries in the list
|
PEXPLICIT_ACCESS pListOfAuditEntries,
| // pointer to list of audit-control entries for SACL
|
PSECURITY_DESCRIPTOR pOldSD,
| // pointer to an existing security descriptor
|
PULONG pSizeNewSD,
| // pointer to the size of the new security descriptor
|
PSECURITY_DESCRIPTOR * pNewSD
| // pointer that receives the new security descriptor
|
);
|
|
Parameters
pOwner
Pointer to a
TRUSTEE structure that identifies the owner for the new security descriptor. If the
structure uses the TRUSTEE_IS_NAME form,
BuildSecurityDescriptor looks up the
SID associated with the specified trustee name.
If this parameter is NULL, the function uses the owner SID from the original
security descriptor pointed to by
pOldSD. If
pOldSD is NULL, or if the owner SID in
pOldSD is NULL, the owner SID is NULL in the new security descriptor.
pGroup
Pointer to a
TRUSTEE structure that identifies the primary group SID for the new security
descriptor. If the structure uses the TRUSTEE_IS_NAME form,
BuildSecurityDescriptor looks up the SID associated with the specified trustee name.
If this parameter is NULL, the function uses the group SID from the original
security descriptor pointed to by
pOldSD. If
pOldSD is NULL, or if the group SID in
pOldSD is NULL, the group SID is NULL in the new security descriptor.
cCountOfAccessEntries
Specifies the number of
EXPLICIT_ACCESS structures in the
pListOfAccessEntries array
.
pListOfAccessEntries
Pointer to an array of
EXPLICIT_ACCESS structures that describe access control information for the DACL of the new
security descriptor. The function creates the new DACL by merging the
information in the array with the DACL in
pOldSD, if any. If
pOldSD is NULL, or if the DACL in
pOldSD is NULL, the function creates a new DACL based solely on the information in
the array. For a description of the rules for creating an
ACL from an array of
EXPLICIT_ACCESS structures, see the
SetEntriesInAcl function.
If
pListOfAccessEntries is NULL, the new security descriptor gets the DACL from
pOldSD. In this case, if
pOldSD is NULL, or if the DACL in
pOldSD is NULL, the new DACL is NULL.
cCountOfAuditEntries
Specifies the number of
EXPLICIT_ACCESS structures in the
pListOfAuditEntries array
.
pListOfAuditEntries
Pointer to an array of
EXPLICIT_ACCESS structures that describe audit control information for the SACL of the new
security descriptor. The function creates the new SACL by merging the information
in the array with the SACL in
pOldSD, if any. If
pOldSD is NULL, or the SACL in
pOldSD is NULL, the function creates a new SACL based solely on the information in
the array.
If
pListOfAuditEntries is NULL, the new security descriptor gets the SACL from
pOldSD. In this case, if
pOldSD is NULL, or the SACL in
pOldSD is NULL, the new SACL is NULL.
pOldSD
Pointer to an existing self-relative
SECURITY_DESCRIPTOR structure and its associated security information. The function builds the
new security descriptor by merging the specified owner, group, access-control,
and audit-control information with the information in this security descriptor.
This parameter can be NULL.
pSizeNewSD
Pointer to a
ULONG variable that receives the size, in bytes, of the returned security
descriptor.
pNewSD
Pointer to a variable that receives a pointer to the new security descriptor.
The function allocates memory for the new security descriptor. You must call
the
LocalFree function to free the returned buffer.
Return Values
If the function succeeds, the return value is ERROR_SUCCESS.
If the function fails, the return value is a nonzero error code defined in
WINERROR.H.
Remarks
The
BuildSecurityDescriptor function is intended for trusted servers that implement or expose security on
their own objects. The function uses self-relative security descriptors
suitable for serializing into a stream and storing to disk, as a trusted server might
require.
See Also
ACL,
EXPLICIT_ACCESS,
LocalFree,
SECURITY_DESCRIPTOR,
SetEntriesInAcl,
SID,
TRUSTEE
- Software for developers
-
Delphi Components
.Net Components
Software for Android Developers
- More information resources
-
MegaDetailed.Net
Unix Manual Pages
Delphi Examples
- Databases for Amazon shops developers
-
Amazon Categories Database
Browse Nodes Database
