RtlCreateSecurityDescriptor

NTSTATUS
    RtlCreateSecurityDescriptor(

        IN OUT PSECURITY_DESCRIPTOR  SecurityDescriptor,
        IN ULONG  Revision
        );

RtlCreateSecurityDescriptor initializes a new absolute-format security descriptor. On return, the security descriptor is initialized with no system ACL, no discretionary ACL, no owner, no primary group, and all control flags set to zero.

Parameters

SecurityDescriptor
Points to the buffer for the security descriptor to be initialized.
Revision
Specifies the revision level to assign to the security descriptor.

Return Value

RtlCreateSecurityDescriptor can return one of the following status codes:

Value

Meaning

STATUS_SUCCESS

The call completed successfully.

STATUS_UNKNOWN_REVISION

The Revision level provided is not supported.

Comments

In effect, a successful call to this routine initializes a security descriptor without security constraints.

Callers of RtlCreateSecurityDescriptor must be running at IRQL PASSIVE_LEVEL.

See Also

RtlLengthSecurityDescriptor, RtlSetDaclSecurityDescriptor, RtlValidSecurityDescriptor