The InitializeAcl function creates a new ACL structure.
An ACL is an access-control list.
BOOL InitializeAcl(
PACL pAcl, | // address of access-control list |
DWORD nAclLength, | // size of access-control list |
DWORD dwAclRevision | // revision level of access-control list |
); |
Parameters
pAcl
Points to an ACL structure initialized by this function.
nAclLength
Specifies the length, in bytes, of the buffer pointed to by the pAcl parameter. This value must be large enough to contain the ACL header and all of the access-control entries (ACEs) to be stored in the ACL.
When calculating the size of an ACL, note that each ACE in an ACL gets the SID specified by its SidStart member copied to the ACE structure, starting at the ACE's SidStart member. Thus, each ACE added to the ACL requires room for the ACE plus room for its SID minus the size of the SidStart member (a DWORD).
For example, the size of an ACL buffer large enough to contain a single ACCESS_ALLOWED_ACE is :
cbAcl = sizeof(ACL) + sizeof(ACCESS_ALLOWED_ACE)
+ GetLengthSid(pSid) - sizeof(DWORD) ;
Another example: the size of an ACL buffer large enough to contain seven ACCESS_DENIED_ACE structures is :
cbAcl = sizeof(ACL) + 7 * ( sizeof(ACCESS_DENIED_ACE) - sizeof(DWORD)) +
GetLengthSid(pSid1) + GetLengthSid(pSid2) + ... + GetLengthSid(pSid7)
dwAclRevision
Specifies the revision level of the ACL. This parameter must be set to the current revision level, defined as ACL_REVISION for this version of Windows.
Return Values
If the function succeeds, the return value is nonzero.
If the function fails, the return value is zero. To get extended error information, call GetLastError.
Remarks
The ACL initialized by this function contains no ACEs. It is empty, as opposed to being a nonexistent ACL. If an empty ACL is applied to an object, it implicitly denies all access to that object.
See Also
ACCESS_ALLOWED_ACE, ACCESS_DENIED_ACE, ACL, AddAccessAllowedAce, AddAccessDeniedAce, AddAce, AddAuditAccessAce, DeleteAce, GetAce, GetAclInformation, IsValidAcl, SetAclInformation, SID