NTSTATUS
RtlCreateSecurityDescriptor(
IN OUT PSECURITY_DESCRIPTOR SecurityDescriptor,
IN ULONG Revision
);
RtlCreateSecurityDescriptor initializes a new absolute-format security descriptor. On return, the security descriptor is initialized with no system ACL, no discretionary ACL, no owner, no primary group, and all control flags set to zero.
RtlCreateSecurityDescriptor can return one of the following status codes:
Value |
Meaning |
STATUS_SUCCESS |
The call completed successfully. |
STATUS_UNKNOWN_REVISION |
The Revision level provided is not supported. |
In effect, a successful call to this routine initializes a security descriptor without security constraints.
Callers of RtlCreateSecurityDescriptor must be running at IRQL PASSIVE_LEVEL.
RtlLengthSecurityDescriptor, RtlSetDaclSecurityDescriptor, RtlValidSecurityDescriptor