[New - Windows NT]
The SetSecurityInfo function sets specified security information in the security descriptor of a specified object. The caller identifies the object by a handle.
DWORD SetSecurityInfo(
HANDLE handle, | // handle to the object |
SE_OBJECT_TYPE ObjectType, | // type of object |
SECURITY_INFORMATION SecurityInfo, | // type of security information to set |
PSID psidOwner, | // pointer to the new owner SID |
PSID psidGroup, | // pointer to the new primary group SID |
PACL pDacl, | // pointer to the new DACL |
PACL pSacl | // pointer to the new SACL |
); |
Parameters
handle
A handle to the object for which to set security information.
ObjectType
Specifies a value from the SE_OBJECT_TYPE enumeration that indicates the type of object identified by the handle parameter.
SecurityInfo
A set of SECURITY_INFORMATION bit flags that indicate the type of security information to set. This parameter can be a combination of the following values.
Value | Meaning |
OWNER_SECURITY_INFORMATION | Set the owner security identifier (SID) in the object's security descriptor. The psidOwner parameter points to the new SID. |
GROUP_SECURITY_INFORMATION | Set the primary group SID in the object's security descriptor. The psidGroup parameter points to the new SID. |
DACL_SECURITY_INFORMATION | Set the discretionary access-control list (DACL) in the object's security descriptor. The pDacl parameter points to the new DACL. |
SACL_SECURITY_INFORMATION | Set the system access-control list (SACL) in the object's security descriptor. The pSacl parameter points to the new SACL. |
psidOwner
Pointer to a SID that identifies the object's owner. The SID must be one that can be assigned as the owner SID of a security descriptor. The SecurityInfo parameter must include the OWNER_SECURITY_INFORMATION flag. The caller must have WRITE_OWNER access to the object or have the SE_TAKE_OWNERSHIP_NAME privilege enabled. This parameter can be NULL if you are not setting the owner SID.
psidGroup
Pointer to a SID that identifies the object's primary group. The SecurityInfo parameter must include the GROUP_SECURITY_INFORMATION flag. This parameter can be NULL if you are not setting the primary group SID.
pDacl
Pointer to the new DACL for the object. The SecurityInfo parameter must include the DACL_SECURITY_INFORMATION flag. The caller must have WRITE_DAC access to the object or be the object's owner. This parameter can be NULL if you are not setting the DACL.
pSacl
Pointer to the new SACL for the object. The SecurityInfo parameter must include the SACL_SECURITY_INFORMATION flag. The caller must have the SE_SECURITY_NAME privilege enabled. This parameter can be NULL if you are not setting the SACL.
Return Values
If the function succeeds, the return value is ERROR_SUCCESS.
If the function fails, the return value is a nonzero error code defined in WINERROR.H.
See Also
ACL, GetNamedSecurityInfo, GetSecurityInfo, SE_OBJECT_TYPE, SECURITY_DESCRIPTOR, SECURITY_INFORMATION, SetNamedSecurityInfo, SID