Was this page helpful?
Your feedback about this content is important. Let us know what you think.
Additional feedback?
1500 characters remaining
Export (0) Print
Expand All
Expand Minimize

SetSecurityDescriptorSacl function

The SetSecurityDescriptorSacl function sets information in a system access control list (SACL). If there is already a SACL present in the security descriptor, it is replaced.

Syntax


BOOL WINAPI SetSecurityDescriptorSacl(
  _Inout_  PSECURITY_DESCRIPTOR pSecurityDescriptor,
  _In_     BOOL                 bSaclPresent,
  _In_opt_ PACL                 pSacl,
  _In_     BOOL                 bSaclDefaulted
);

Parameters

pSecurityDescriptor [in, out]

A pointer to the SECURITY_DESCRIPTOR structure to which the function adds the SACL. This security descriptor must be in absolute format, meaning that its members must be pointers to other structures, rather than offsets to contiguous data.

bSaclPresent [in]

Indicates the presence of a SACL in the security descriptor. If this parameter is TRUE, the function sets the SE_SACL_PRESENT flag in the SECURITY_DESCRIPTOR_CONTROL structure and uses the values in the pSacl and bSaclDefaulted parameters. If it is FALSE, the function does not set the SE_SACL_PRESENT flag, and pSacl and bSaclDefaulted are ignored.

pSacl [in, optional]

A pointer to an ACL structure that specifies the SACL for the security descriptor. If this parameter is NULL, a NULL SACL is assigned to the security descriptor. The SACL is referenced by, not copied into, the security descriptor.

bSaclDefaulted [in]

Indicates the source of the SACL. If this flag is TRUE, the SACL has been retrieved by some default mechanism. If it is FALSE, the SACL has been explicitly specified by a user. The function stores this value in the SE_SACL_DEFAULTED flag of the SECURITY_DESCRIPTOR_CONTROL structure. If this parameter is not specified, the SE_SACL_DEFAULTED flag is cleared.

Return value

If the function succeeds, the function returns nonzero.

If the function fails, it returns zero. To get extended error information, call GetLastError.

Requirements

Minimum supported client

Windows XP [desktop apps only]

Minimum supported server

Windows Server 2003 [desktop apps only]

Header

Winbase.h (include Windows.h)

Library

Advapi32.lib

DLL

Advapi32.dll

See also

Low-level Access Control
Low-level Access Control Functions
ACL
GetSecurityDescriptorSacl
InitializeSecurityDescriptor
IsValidSecurityDescriptor
SECURITY_DESCRIPTOR
SECURITY_DESCRIPTOR_CONTROL
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner

 

 

Community Additions

ADD
Show:
© 2015 Microsoft