MSDN Home >  MSDN Library >  Security >  SDK Documentation >  Authorization >  Authorization Reference >  Authorization Functions
 
Platform SDK: Security

SetSecurityDescriptorSacl

The SetSecurityDescriptorSacl function sets information in a system access control list (SACL). If there is already a system ACL present in the security descriptor, it is replaced.

BOOL SetSecurityDescriptorSacl(
  PSECURITY_DESCRIPTOR pSecurityDescriptor,
  BOOL bSaclPresent,
  PACL pSacl,
  BOOL bSaclDefaulted
);

Parameters

pSecurityDescriptor
[in, out] Pointer to the SECURITY_DESCRIPTOR structure to which the function adds the system ACL. This security descriptor must be in absolute format, meaning that its members must be pointers to other structures, rather than offsets to contiguous data.
bSaclPresent
[in] Indicates the presence of a system ACL in the security descriptor. If this parameter is TRUE, the function sets the SE_SACL_PRESENT flag in the SECURITY_DESCRIPTOR_CONTROL structure and uses the values in the pSacl and bSaclDefaulted parameters. If it is FALSE, the function does not set the SE_SACL_PRESENT flag, and pSacl and bSaclDefaulted are ignored.
pSacl
[in] Pointer to an ACL structure that specifies the system ACL for the security descriptor. If this parameter is NULL, a NULL system ACL is assigned to the security descriptor. The system ACL is referenced by, not copied into, the security descriptor.
bSaclDefaulted
[in] Indicates the source of the system ACL. If this flag is TRUE, the system ACL has been retrieved by some default mechanism. If it is FALSE, the system ACL has been explicitly specified by a user. The function stores this value in the SE_SACL_DEFAULTED flag of the SECURITY_DESCRIPTOR_CONTROL structure. If this parameter is not specified, the SE_SACL_DEFAULTED flag is cleared.

Return Values

If the function succeeds, the return value is nonzero.

If the function fails, the return value is zero. To get extended error information, call GetLastError.

Requirements

Windows NT/2000/XP: Included in Windows NT 3.1 and later, Windows 2000, Windows XP, and Windows .NET Server 2003 family.
Windows 95/98/Me: Unsupported.
Header: Declared in Winbase.h; include Windows.h.
Library: Use Advapi32.lib.

See Also

Low-Level Access Control Overview, Low-Level Access Control Functions, ACL, GetSecurityDescriptorSacl, InitializeSecurityDescriptor, IsValidSecurityDescriptor, SECURITY_DESCRIPTOR, SECURITY_DESCRIPTOR_CONTROL, SetSecurityDescriptorDacl, SetSecurityDescriptorGroup, SetSecurityDescriptorOwner

Platform SDK Release: October 2002
What did you think of this topic?
Let us know.		 Order a Platform SDK CD Online
(U.S./Canada)   (International)

 
  Contact Us   |   E-Mail this Page   |   MSDN Flash Newsletter   |   Legal
  © 2002 Microsoft Corporation. All rights reserved.     Terms of Use    Privacy Statement     Accessibility