Platform SDK: Access Control |
The SetPrivateObjectSecurity function modifies a private object's security descriptor.
To specify whether the protected server supports automatic inheritance of ACEs, use the SetPrivateObjectSecurityEx function.
BOOL SetPrivateObjectSecurity( SECURITY_INFORMATION SecurityInformation, // type PSECURITY_DESCRIPTOR ModificationDescriptor, // new SD PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor, // SD PGENERIC_MAPPING GenericMapping, // mapping HANDLE Token // handle to client token );
On input, this is the current security descriptor of the private object. The function modifies it to produce the new security descriptor. If necessary, the SetPrivateObjectSecurityEx function allocates additional memory to produce a larger security descriptor.
If the function succeeds, the return value is nonzero.
If the function fails, the return value is zero. To get extended error information, call GetLastError.
The SetPrivateObjectSecurity function is successful only if the following conditions are met:
The process calling this function must not be impersonating a client.
Windows NT/2000: Requires Windows NT 3.1 or later.
Header: Declared in Winbase.h; include Windows.h.
Library: Use Advapi32.lib.
Client/Server Access Control Overview, Client/Server Access Control Functions, CreatePrivateObjectSecurity, DestroyPrivateObjectSecurity, GENERIC_MAPPING, GetPrivateObjectSecurity, SECURITY_DESCRIPTOR, SECURITY_INFORMATION, SetFileSecurity, SetKernelObjectSecurity, SetPrivateObjectSecurityEx, SetUserObjectSecurity