If the object's owner or group is to be set, the caller must have WRITE_OWNER permission or have SeTakeOwnershipPrivilege.| BOOL SetKernelObjectSecurity(Handle, SecurityInformation, pSecurityDescriptor) | |||
| HANDLE Handle; | |||
| SECURITY_INFORMATION SecurityInformation; | |||
| PSECURITY_DESCRIPTOR pSecurityDescriptor; |
The SetKernelObjectSecurity function can be used to set the security of a kernel object (process, file, event, etc.).
This call is only successful if the following conditions are met:
If the object's owner or group is to be set, the caller must have WRITE_OWNER permission or have SeTakeOwnershipPrivilege.
If the object's DACL is to be set, the caller must have WRITE_DAC permission or be the object's owner.
If the object's SACL is to be set, the caller must have SeSecurityPrivilege.
Handle
Specifies a kernel-object handle.
SecurityInformation
Specifies the type of information in the security descriptor at pSecurityDescrptor.
pSecurityDescriptor
Points to a well-formed security descriptor to apply to the specified kernel object.
The return value is TRUE if the function was successful, or FALSE if an error occurred. Use the GetLastError function to obtain extended error information.