SECURITY_ATTRIBUTES

The SECURITY_ATTRIBUTES structure contains the security descriptor for an object and specifies whether the handle retrieved by specifying this structure is inheritable.

typedef struct _SECURITY_ATTRIBUTES { 
  DWORD  nLength; 
  LPVOID lpSecurityDescriptor; 
  BOOL   bInheritHandle; 
} SECURITY_ATTRIBUTES, *PSECURITY_ATTRIBUTES; 

Members

nLength

Specifies the size, in bytes, of this structure. Set this value to the size of the SECURITY_ATTRIBUTES structure.

Windows NT/2000: Some functions that use the SECURITY_ATTRIBUTES structure do not verify the value of the nLength member. However, an application should still set it properly. That ensures current, future, and cross-platform compatibility.

lpSecurityDescriptor

Pointer to a security descriptor for the object that controls the sharing of it. If NULL is specified for this member, the object is assigned the default security descriptor of the calling process. This is not the same as granting access to everyone by assigning a null DACL. The default security descriptor is based on the default DACL of the access token belonging to the calling process. By default, the default DACL in the access token of a process allows access only to the user represented by the access token. If other users must access the object, you can either create a security descriptor with a null DACL, or add ACEs to the DACL that grants access to a group of users.

Windows 95/98: The lpSecurityDescriptor member of this structure is ignored.

bInheritHandle

Specifies whether the returned handle is inherited when a new process is created. If this member is TRUE, the new process inherits the handle.

Requirements

  Windows NT/2000: Requires Windows NT 3.1 or later.
  Header: Declared in Winbase.h; include Windows.h.

See Also

Access Control Overview, Access Control Structures, SECURITY_DESCRIPTOR