Denying Access Using Low-Level Functions
This example uses the low-level functions to attach an empty DACL to a file
object. For similar examples that use the high-level security functions, see
Denying Access.
The example allocates a buffer for the security descriptor and calls the
InitializeSecurityDescriptor function to initialize the buffer. Then it allocates a buffer for the ACL and
calls the
InitializeAcl function to initialize that buffer. Next, it calls the
SetSecurityDescriptorDacl function to attach the ACL to the security descriptor; and calls the
SetFileSecurity function to attach the security descriptor to a file.
PSECURITY_DESCRIPTOR pSD;
PACL pACL;
DWORD cbACL = 1024;
/* Initialize a security descriptor. */
pSD = (PSECURITY_DESCRIPTOR) LocalAlloc(LPTR,
SECURITY_DESCRIPTOR_MIN_LENGTH); /* defined in WINNT.H */
if (pSD == NULL) {
ErrorHandler("LocalAlloc");
goto Cleanup;
}
if (!InitializeSecurityDescriptor(pSD,
SECURITY_DESCRIPTOR_REVISION)) { /* defined in WINNT.H */
ErrorHandler("InitializeSecurityDescriptor");
goto Cleanup;
}
/* Initialize a DACL. */
pACL = (PACL) LocalAlloc(LPTR, cbACL);
if (pACL == NULL) {
ErrorHandler("LocalAlloc");
goto Cleanup;
}
if (!InitializeAcl(pACL, cbACL, ACL_REVISION2)) {
ErrorHandler("InitializeAcl");
goto Cleanup;
}
/* Add an empty ACL to the SD to deny access. */
if (!SetSecurityDescriptorDacl(pSD,
TRUE, /* fDaclPresent flag */
pACL,
FALSE)) { /* not a default DACL */
ErrorHandler("SetSecurityDescriptorDacl");
goto Cleanup;
}
/* Use the new SD as the file's security info. */
if (!SetFileSecurity(lpszTestFile,
DACL_SECURITY_INFORMATION,
pSD)) {
ErrorHandler("SetFileSecurity");
goto Cleanup;
}
Cleanup:
if(pSD != NULL)
LocalFree((HLOCAL) pSD);
if(pACL != NULL)
LocalFree((HLOCAL) pACL);
- Software for developers
-
Delphi Components
.Net Components
Software for Android Developers
- More information resources
-
MegaDetailed.Net
Unix Manual Pages
Delphi Examples
- Databases for Amazon shops developers
-
Amazon Categories Database
Browse Nodes Database
