SetSecurityInfo  14HY.F7 

[New - Windows NT]

The SetSecurityInfo function sets specified security information in the security descriptor of a specified object. The caller identifies the object by a handle.

DWORD SetSecurityInfo(

    HANDLE handle,

// handle to the object

    SE_OBJECT_TYPE ObjectType,

// type of object

    SECURITY_INFORMATION SecurityInfo,

// type of security information to set

    PSID psidOwner,

// pointer to the new owner SID

    PSID psidGroup,

// pointer to the new primary group SID

    PACL pDacl,

// pointer to the new DACL

    PACL pSacl

// pointer to the new SACL

   );

 

 

Parameters

handle

A handle to the object for which to set security information.

ObjectType

Specifies a value from the SE_OBJECT_TYPE1P9ITON enumeration that indicates the type of object identified by the handle parameter.

SecurityInfo

A set of SECURITY_INFORMATION1IEJNC4 bit flags that indicate the type of security information to set. This parameter can be a combination of the following values.

Value

Meaning

OWNER_SECURITY_INFORMATION

Set the owner security identifier (SID) in the object s security descriptor. The psidOwner parameter points to the new SID.

GROUP_SECURITY_INFORMATION

Set the primary group SID in the object s security descriptor. The psidGroup parameter points to the new SID.

DACL_SECURITY_INFORMATION

Set the discretionary access-control list (DACL) in the object s security descriptor. The pDacl parameter points to the new DACL.

SACL_SECURITY_INFORMATION

Set the system access-control list (SACL) in the object s security descriptor. The pSacl parameter points to the new SACL.

 

psidOwner

Pointer to a SID that identifies the object s owner. The SID must be one that can be assigned as the owner SID of a security descriptor. The SecurityInfo parameter must include the OWNER_SECURITY_INFORMATION flag. The caller must have WRITE_OWNER access to the object or have the SE_TAKE_OWNERSHIP_NAME privilege enabled. This parameter can be NULL if you are not setting the owner SID.

psidGroup

Pointer to a SID that identifies the object s primary group. The SecurityInfo parameter must include the GROUP_SECURITY_INFORMATION flag. This parameter can be NULL if you are not setting the primary group SID.

pDacl

Pointer to the new DACL for the object. The SecurityInfo parameter must include the DACL_SECURITY_INFORMATION flag. The caller must have WRITE_DAC access to the object or be the object s owner. This parameter can be NULL if you are not setting the DACL.

pSacl

Pointer to the new SACL for the object. The SecurityInfo parameter must include the SACL_SECURITY_INFORMATION flag. The caller must have the SE_SECURITY_NAME privilege enabled. This parameter can be NULL if you are not setting the SACL.

 

Return Values

If the function succeeds, the return value is ERROR_SUCCESS.

If the function fails, the return value is a nonzero error code defined in WINERROR.H.

See Also

ACL, GetNamedSecurityInfo, GetSecurityInfo, SE_OBJECT_TYPE, SECURITY_DESCRIPTOR, SECURITY_INFORMATION, SetNamedSecurityInfo, SID