RtlCreateSecurityDescriptor

NTSTATUS
    RtlCreateSecurityDescriptor(
        IN OUT PSECURITY_DESCRIPTOR  SecurityDescriptor,
        IN ULONG  Revision
        );

RtlCreateSecurityDescriptor initializes a new absolute-format security descriptor. On return, the security descriptor is initialized with no system ACL, no discretionary ACL, no owner, no primary group, and all control flags set to zero.

Parameters

SecurityDescriptor

Points to the buffer for the security descriptor to be initialized.

Revision

Specifies the revision level to assign to the security descriptor.

Return Value

RtlCreateSecurityDescriptor can return one of the following status codes:

Value	Meaning
STATUS_SUCCESS	The call completed successfully.
STATUS_UNKNOWN_REVISION	The Revision level provided is not supported.

Comments

In effect, a successful call to this routine initializes a security descriptor without security constraints.

Callers of RtlCreateSecurityDescriptor must be running at IRQL PASSIVE_LEVEL.

See Also

RtlLengthSecurityDescriptor, RtlSetDaclSecurityDescriptor, RtlValidSecurityDescriptor