Prev Next

SetNamedSecurityInfo info  Overview  Group

The SetNamedSecurityInfo function sets specified security information in the security descriptor of a specified object. The caller identifies the object by name.

DWORD SetNamedSecurityInfo(

    LPTSTR pObjectName,

// name of the object

    SE_OBJECT_TYPE ObjectType,

// type of object

    SECURITY_INFORMATION SecurityInfo, 

// type of security information to set

    PSID psidOwner,

// pointer to the new owner SID

    PSID psidGroup,

// pointer to the new primary group SID

    PACL pDacl,

// pointer to the new DACL

    PACL pSacl

// pointer to the new SACL

   );

Parameters

pObjectName
Pointer to a null-terminated string that specifies the name of the object for which to set security information. This can be the name of a local or remote file or directory on a NTFS file system, Windows NT network sharename, registry key, semaphore, event, mutex, file mapping, or waitable timer.

For descriptions of the string formats for the different object types, see SE_OBJECT_TYPE.

ObjectType
Specifies a value from the SE_OBJECT_TYPE enumeration that indicates the type of object named by the pObjectName parameter.
SecurityInfo
A set of SECURITY_INFORMATION bit flags that indicate the type of security information to set. This parameter can be a combination of the following values.

Value

Meaning

OWNER_SECURITY_INFORMATION

Set the owner security identifier (SID) in the object’s security descriptor. The psidOwner parameter points to the new SID.

GROUP_SECURITY_INFORMATION

Set the primary group SID in the object’s security descriptor. The psidGroup parameter points to the new SID.

DACL_SECURITY_INFORMATION

Set the discretionary access-control list (DACL) in the object’s security descriptor. The pDacl parameter points to the new DACL.

SACL_SECURITY_INFORMATION

Set the system access-control list (SACL) in the object’s security descriptor. The pSacl parameter points to the new SACL.

psidOwner
Pointer to a SID that identifies the object’s owner. The SID must be one that can be assigned as the owner SID of a security descriptor. The SecurityInfo parameter must include the OWNER_SECURITY_INFORMATION flag. The caller must have WRITE_OWNER access to the object or have the SE_TAKE_OWNERSHIP_NAME privilege enabled. This parameter can be NULL if you are not setting the owner SID.
psidGroup
Pointer to a SID that identifies the object’s primary group. The SecurityInfo parameter must include the GROUP_SECURITY_INFORMATION flag. This parameter can be NULL if you are not setting the primary group SID.
pDacl
Pointer to the new DACL for the object. The SecurityInfo parameter must include the DACL_SECURITY_INFORMATION flag. The caller must have WRITE_DAC access to the object or be the object’s owner. This parameter can be NULL if you are not setting the DACL.
pSacl
Pointer to the new SACL for the object. The SecurityInfo parameter must include the SACL_SECURITY_INFORMATION flag. The caller must have the SE_SECURITY_NAME privilege enabled. This parameter can be NULL if you are not setting the SACL.

Return Values

If the function succeeds, the return value is ERROR_SUCCESS.

If the function fails, the return value is a nonzero error code defined in WINERROR.H.

See Also

ACL, GetNamedSecurityInfo, GetSecurityInfo, SE_OBJECT_TYPE, SECURITY_DESCRIPTOR, SECURITY_INFORMATION, SetSecurityInfo, SID