BOOL SetSecurityDescriptorSacl(SecurityDescriptor, SaclPresent, Sacl, SaclDefaulted) | |||
PSECURITY_DESCRIPTOR SecurityDescriptor; | |||
BOOL SaclPresent; | |||
PACL Sacl; | |||
BOOL SaclDefaulted; |
The SetSecurityDescriptorSacl function sets the system ACL information of an absolute format security descriptor. If there is already a system ACL present in the security descriptor, it is replaced.
SecurityDescriptor
Pointer to the SECURITY_DESCRIPTOR data structure that the function will add the system ACL to.
SaclPresent
Specifies how the function will set the security descriptor's SaclPresent control flag and whether it will ignore the Sacl and SaclDefaulted parameters. If SaclPresent is FALSE, the function sets the SaclPresent flag to FALSE, and will ignore Sacl and SaclDefaulted. If SaclPresent is TRUE, the function sets the SaclPresent flag to TRUE, and Sacl and SaclDefaulted are not ignored.
Sacl
Pointer to an ACL data structure that specifies the system ACL for the security descriptor. If this optional parameter is not passed, a null ACL is assigned to the security descriptor. The ACL is referenced by, not copied into, the security descriptor.
The ACL data structure has the following form:
typedef struct _ACL { /* acl */
BYTE AclRevision;
BYTE Sbz1;
WORD AclSize;
WORD AceCount;
WORD Sbz2;
} ACL;
SaclDefaulted
Specifies, if TRUE, that the system ACL was picked up from some default mechanism; if FALSE, that the system ACL was explicitly specified by a user. The function will store this value into the security descriptor's SaclDefaulted control flag. This parameter is optional; if it is not passed, the SaclDefaulted flag will be cleared.
The return value is TRUE if the function was successful, or FALSE if an error occurred. Use the GetLastError function to obtain extended error information.
GetSecurityDescriptorGroup, GetSecurityDescriptorControl, GetSecurityDescriptorDacl, GetSecurityDescriptorLength, GetSecurityDescriptorOwner, GetSecurityDescriptorSacl, InitializeSecurityDescriptor, IsValidSecurityDescriptor, SetSecurityDescriptorDacl, SetSecurityDescriptorGroup, SetSecurityDescriptorOwner