내보내기(0) 인쇄
모두 확장
EN
이 콘텐츠는 한국어로 제공되지 않아 영어 버전으로 표시됩니다.

RegGetKeySecurity function

The RegGetKeySecurity function retrieves a copy of the security descriptor protecting the specified open registry key.

Syntax


LONG WINAPI RegGetKeySecurity(
  _In_       HKEY hKey,
  _In_       SECURITY_INFORMATION SecurityInformation,
  _Out_opt_  PSECURITY_DESCRIPTOR pSecurityDescriptor,
  _Inout_    LPDWORD lpcbSecurityDescriptor
);

Parameters

hKey [in]

A handle to an open key for which to retrieve the security descriptor.

SecurityInformation [in]

A SECURITY_INFORMATION value that indicates the requested security information.

pSecurityDescriptor [out, optional]

A pointer to a buffer that receives a copy of the requested security descriptor.

lpcbSecurityDescriptor [in, out]

A pointer to a variable that specifies the size, in bytes, of the buffer pointed to by the pSecurityDescriptor parameter. When the function returns, the variable contains the number of bytes written to the buffer.

Return value

If the function succeeds, the function returns ERROR_SUCCESS.

If the function fails, it returns a nonzero error code defined in WinError.h. You can use the FormatMessage function with the FORMAT_MESSAGE_FROM_SYSTEM flag to get a generic description of the error.

Remarks

If the buffer specified by the pSecurityDescriptor parameter is too small, the function returns ERROR_INSUFFICIENT_BUFFER and the lpcbSecurityDescriptor parameter contains the number of bytes required for the requested security descriptor.

To read the owner, group, or discretionary access control list (DACL) from the key's security descriptor, the calling process must have been granted READ_CONTROL access when the handle was opened. To get READ_CONTROL access, the caller must be the owner of the key or the key's DACL must grant the access.

To read the system access control list (SACL) from the security descriptor, the calling process must have been granted ACCESS_SYSTEM_SECURITY access when the key was opened. The correct way to get this access is to enable the SE_SECURITY_NAME privilege in the caller's current token, open the handle for ACCESS_SYSTEM_SECURITY access, and then disable the privilege.

Requirements

Minimum supported client

Windows XP [desktop apps only]

Minimum supported server

Windows Server 2003 [desktop apps only]

Header

Winreg.h (include Windows.h)

Library

Advapi32.lib

DLL

Advapi32.dll

See also

Low-level Access Control
Low-level Access Control Functions
FormatMessage
RegDeleteKey
RegOpenKeyEx
RegSetKeySecurity
SECURITY_INFORMATION

 

 

커뮤니티 추가 항목

추가
Microsoft는 MSDN 웹 사이트에 대한 귀하의 의견을 이해하기 위해 온라인 설문 조사를 진행하고 있습니다. 참여하도록 선택하시면 MSDN 웹 사이트에서 나가실 때 온라인 설문 조사가 표시됩니다.

참여하시겠습니까?
표시:
© 2014 Microsoft