SetUserObjectSecurity  1BKD6Y 

The SetUserObjectSecurity function sets the security of a user object. This can be, for example, a window or a DDE conversation.

BOOL SetUserObjectSecurity(

    HANDLE hObj,

// handle of user object

    PSECURITY_INFORMATION pSIRequested,

// address of security information

    PSECURITY_DESCRIPTOR pSID

// address of security descriptor

   );

 

 

Parameters

hObj

Identifies a user object for which security information is set.

pSIRequested

Points to a SECURITY_INFORMATION1IEJNC4 structure describing the security information being set.

pSID

Points to a SECURITY_DESCRIPTOR188MR8K structure containing the new security information.

 

Return Values

If the function succeeds, the return value is nonzero.

If the function fails, the return value is zero. To get extended error information, call GetLastError11C2VS7.

Remarks

The SetUserObjectSecurity function applies changes specified in a security descriptor to the security descriptor assigned to a user object. The object s security descriptor must be in self-relative form. If necessary, this function allocates additional memory to increase the size of the security descriptor.

The SetUserObjectSecurity function is successful only if the following conditions are met:

    If the object s owner is being set, the calling process must either have WRITE_OWNER permission or be the object s owner.

    If the object s discretionary access-control list (ACL) is being set, the calling process must either have WRITE_DAC permission or be the object s owner.

    If the object s system ACL is being set, the SE_SECURITY_NAME privilege must be enabled for the calling process.

 

See Also

GetUserObjectSecurity, SECURITY_DESCRIPTOR, SECURITY_INFORMATION, SetFileSecurity, SetKernelObjectSecurity, SetPrivateObjectSecurity