The GetSecurityDescriptorSacl function retrieves a pointer to the system access-control list (ACL) in a specified security descriptor.
BOOL GetSecurityDescriptorSacl(
| PSECURITY_DESCRIPTOR pSecurityDescriptor, | // address of security descriptor |
| LPBOOL lpbSaclPresent, | // address of flag for presence of system ACL |
| PACL *pSacl, | // address of pointer to ACL |
| LPBOOL lpbSaclDefaulted | // address of flag for default system ACL |
| ); |
Parameters
pSecurityDescriptor
Points to the SECURITY_DESCRIPTOR structure containing the system ACL to which the function retrieves a pointer to.
lpbSaclPresent
Points to a flag the function sets to indicate the presence of a system ACL in the specified security descriptor. If this parameter is TRUE, the security descriptor contains a system ACL, and the remaining output parameters in this function receive valid values. If this parameter is FALSE, the security descriptor does not contain a system ACL, and the remaining output parameters do not receive valid values.
pSacl
Points to a pointer to an ACL structure. If a system ACL exists, the function sets the pointer pointed to by pSacl to the address of the security descriptor's system ACL. If a system ACL does not exist, no value is stored.
If the function stores a NULL value in the pointer pointed to by pSacl, the security descriptor has a NULL system ACL.
lpbSaclDefaulted
Points to a flag set to the value of the SE_SACL_DEFAULTED flag in the SECURITY_DESCRIPTOR_CONTROL structure if a system ACL exists for the security descriptor.
Return Values
If the function succeeds, the return value is nonzero.
If the function fails, the return value is zero. To get extended error information, call GetLastError.
See Also
ACL, GetSecurityDescriptorControl, GetSecurityDescriptorDacl, GetSecurityDescriptorGroup, GetSecurityDescriptorLength, GetSecurityDescriptorOwner, InitializeSecurityDescriptor, IsValidSecurityDescriptor, SECURITY_DESCRIPTOR, SECURITY_DESCRIPTOR_CONTROL, SetSecurityDescriptorSacl