|
Overview |
|
|
|
Group |
|
|
|
Quick Info
Windows NT
| Yes
| Win95
| No
| Win32s
| No
| Import Library
| advapi32.lib
| Header File
| winbase.h
| Unicode
| No
| Platform Notes
| None
|
|
|
SetPrivateObjectSecurity
The SetPrivateObjectSecurity function modifies a private object's security descriptor.
BOOL SetPrivateObjectSecurity(
SECURITY_INFORMATION SecurityInformation,
| // type of security information
| PSECURITY_DESCRIPTOR ModificationDescriptor,
| // address of SD to apply to object
| PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor,
| // address of object's SD
| PGENERIC_MAPPING GenericMapping,
| // address of access-mapping structure
| HANDLE Token
| // handle of client access token
| );
|
|
Parameters
SecurityInformation
Specifies a SECURITY_INFORMATION structure identifying the contents of the security descriptor pointed to by
the ModificationDescriptor parameter.
ModificationDescriptor
Points to a SECURITY_DESCRIPTOR structure to be applied to the object.
ObjectsSecurityDescriptor
Points to a pointer to a SECURITY_DESCRIPTOR structure to be altered by this function. This security descriptor must be in
self-relative form.
GenericMapping
Points to a GENERIC_MAPPING structure specifying the mapping of generic to specific and standard access
types for the object.
Token
Identifies the access token for the client on whose behalf the private
object's security is being modified. This parameter is required to ensure that the
client has provided a legitimate value for a new owner security identifier (SID).
The token must be open for TOKEN_QUERY access.
Return Values
If the function succeeds, the return value is nonzero.
If the function fails, the return value is zero. To get extended error
information, call GetLastError.
Remarks
The object's security descriptor must be in self-relative form.
If necessary, the SetPrivateObjectSecurity function allocates additional memory to produce a larger security descriptor.
The SetPrivateObjectSecurity function is successful only if the following conditions are met:
- If the object's owner is being set, the calling process must have either
WRITE_OWNER permission or be the object's owner.
- If the object's discretionary access-control list (ACL) is being set, the
calling process must have either WRITE_DAC permission or be the object's owner.
- If the object's system ACL is being set, the SE_SECURITY_NAME privilege must
be enabled for the calling process.
The process calling this function must not be impersonating a client.
See Also
CreatePrivateObjectSecurity, DestroyPrivateObjectSecurity, GENERIC_MAPPING, GetPrivateObjectSecurity, SECURITY_DESCRIPTOR, SECURITY_INFORMATION, SetFileSecurity, SetKernelObjectSecurity, SetUserObjectSecurity
Related Links
Software for Delphi and C++ Builder developers
Software for Visual Studio .NET developers
Software for Visual Basic 6 developers
Delphi Tips&Tricks
MegaDetailed.NET
TMS Scripter Studio Pro components for Delphi/C++Builder
More Online Helps
Win32 Multimedia Programmer's Reference (mmedia.hlp)
OLE Programmer's Reference (ole.hlp)
Microsoft Windows Pen API Programmer's Reference (penapi.hlp)
Microsoft Windows Sockets 2 Reference (sock2.hlp)
Microsoft Windows Telephony API (TAPI) Programmer's Reference (tapi.hlp)
Unix Manual Pages
|
