The SECURITY_DESCRIPTOR structure contains the security information associated with an object. Applications use this structure to set and query an object's security status.
Applications are not to modify the SECURITY_DESCRIPTOR structure directly. For creating and manipulating a security descriptor, use the functions listed in the See Also section.
typedef PVOID PSECURITY_DESCRIPTOR;
A security descriptor includes information that specifies the following components of an object's security:
Security descriptors use access-control lists (ACLs) and security identifiers (SIDs) to specify the information in this list.
A security descriptor can be in absolute or self-relative form. In self-relative form, all members of the structure are located contiguously in memory. In absolute form, the structure only contains pointers to the members.
Windows NT: Requires version 3.1 or later.
Windows: Unsupported.
Windows CE: Unsupported.
Header: Declared in winnt.h.
Access Control Overview, Access Control Structures, GetSecurityDescriptorControl, GetSecurityDescriptorDacl, GetSecurityDescriptorGroup, GetSecurityDescriptorLength, GetSecurityDescriptorOwner, GetSecurityDescriptorSacl, InitializeSecurityDescriptor, IsValidSecurityDescriptor, SetSecurityDescriptorDacl, SetSecurityDescriptorGroup, SetSecurityDescriptorOwner, SetSecurityDescriptorSacl