The SetFileSecurity function sets the security of a file or directory object.
BOOL SetFileSecurity(
| LPCTSTR lpFileName, | // address of string for filename |
| SECURITY_INFORMATION SecurityInformation, | // type of information to set |
| PSECURITY_DESCRIPTOR pSecurityDescriptor | // address of security descriptor |
| ); |
Parameters
lpFileName
Points to a null-terminated string specifying the file or directory for which security is set.
SecurityInformation
Specifies a SECURITY_INFORMATION structure identifying the contents of the security descriptor pointed to by the pSecurityDescriptor parameter.
pSecurityDescriptor
Points to a SECURITY_DESCRIPTOR structure.
Return Values
If the function succeeds, the return value is nonzero.
If the function fails, the return value is zero. To get extended error information, call GetLastError.
Remarks
The SetFileSecurity function is successful only if the following conditions are met:
·If the object's owner is being set, the calling process must have either WRITE_OWNER permission or be the object's owner.
·If the object's discretionary access-control list (ACL) is being set, the calling process must have either WRITE_DAC permission or be the object's owner.
·If the object's system ACL is being set, the SE_SECURITY_NAME privilege must be enabled for the calling process.
See Also
GetFileSecurity, SECURITY_DESCRIPTOR, SECURITY_INFORMATION, SetKernelObjectSecurity, SetPrivateObjectSecurity, SetUserObjectSecurity