Windows NT versions 4.0 and later supports a set of functions for getting and setting the components of the security descriptor associated with a securable object. Use the GetSecurityInfo and SetSecurityInfo functions with objects identified by a handle. Use the GetNamedSecurityInfo and SetNamedSecurityInfo functions with objects identified by a name.
These functions use the Windows NT access rights rather than the provider-independent access rights. Consequently, you cannot use these functions to manipulate the security information of objects created by operating systems other than Windows NT.
The SetSecurityInfo and SetNamedSecurityInfo functions can set any combination of the DACL, SACL, owner SID, and group SID in an object's security descriptor. The GetSecurityInfo and GetNamedSecurityInfo functions retrieve a pointer to the security descriptor of a specified object. You can also use these functions to get pointers to the SIDs and ACLs in the security descriptor.
The GetSecurityInfo and SetSecurityInfo functions use handles to identify objects. You can use these functions with the following types of objects:
The GetNamedSecurityInfo and SetNamedSecurityInfo functions use names to identify objects. You can use these functions with the following types of objects: