Welcome Sign in
Microsoft Developer Network
Click to Rate and Give Feedback
MSDN
MSDN Library
Security
Authorization
 SECURITY_INFORMATION Data Type
SECURITY_INFORMATION Data Type

The SECURITY_INFORMATION data type identifies the object-related security information being set or queried. This security information includes: 


typedef DWORD SECURITY_INFORMATION, *PSECURITY_INFORMATION;

Remarks

Some SECURITY_INFORMATION members work only with the SetNamedSecurityInfo function. These members are not returned in the structure returned by other security functions such as GetNamedSecurityInfo or ConvertStringSecurityDescriptorToSecurityDescriptor.

Each item of security information is designated by a bit flag. Each bit flag can be one of the following values.

ValueMeaning
DACL_SECURITY_INFORMATIONThe DACL of the object is being referenced.
LABEL_SECURITY_INFORMATIONThe mandatory integrity label is being referenced.
GROUP_SECURITY_INFORMATIONThe primary group identifier of the object is being referenced.
OWNER_SECURITY_INFORMATIONThe owner identifier of the object is being referenced.
PROTECTED_DACL_SECURITY_INFORMATION The DACL cannot inherit access control entries (ACEs).
PROTECTED_SACL_SECURITY_INFORMATION The SACL cannot inherit ACEs.
SACL_SECURITY_INFORMATIONThe SACL of the object is being referenced.
UNPROTECTED_DACL_SECURITY_INFORMATION The DACL inherits ACEs from the parent object.
UNPROTECTED_SACL_SECURITY_INFORMATION The SACL inherits ACEs from the parent object.

Requirements

ClientRequires Windows Vista, Windows XP, or Windows 2000 Professional.
ServerRequires Windows Server 2008, Windows Server 2003, or Windows 2000 Server.
HeaderDeclared in Winnt.h; include Windows.h.

See Also

Access Control
Basic Access Control Structures
ConvertStringSecurityDescriptorToSecurityDescriptor
GetFileSecurity
GetKernelObjectSecurity
GetNamedSecurityInfo
GetPrivateObjectSecurity
GetUserObjectSecurity
SetFileSecurity
SetKernelObjectSecurity
SetNamedSecurityInfo
SetPrivateObjectSecurity
SetUserObjectSecurity


Send comments about this topic to Microsoft

Build date: 9/25/2008

Tags What's this?: Add a tag
Community Content   What is Community Content?
Add new content RSS  Annotations
Integrity ACEs in the SACL      Gideon7   |   Edit   |  
Windows Vista (or later) stores the mandatory integrity label ACEs (if any) in the SACL. To view or manipulate the integrity ACEs requires that the flag LABEL_SECURITY_INFORMATION be set for both the GetXxxSecurity and the SetXxxSecurity functions. Without the flag the GetXxxSecurity functions will elide the mandatory integrity label ACEs from the SACL of the returned security descriptor.
Processing
© 2008 Microsoft Corporation. All rights reserved. Terms of Use  |  Trademarks  |  Privacy Statement
Page view tracker