Share via


C6248

warning C6248: setting a SECURITY_DESCRIPTOR’s DACL to NULL will result in an unprotected object

This warning identifies a call that sets a SECURITY_DESCRIPTOR's DACL field to null. If the DACL that belongs to the security descriptor of an object is set to NULL, a null DACL is created. A null DACL grants full access to any user who requests it; normal security checking is not performed with respect to the object. A null DACL should not be confused with an empty DACL. An empty DACL is a properly allocated and initialized DACL that contains no ACEs. An empty DACL grants no access to the object it is assigned to.

Objects that have null DACLs can have their security descriptors altered by malicious users so that no one has access to the object.

Even if everyone needs access to an object, the object should be secured so that only administrators can alter its security. If only the creator needs access to an object, a DACL should not be set on the object; the system will choose an appropriate default.

Example

The following code generates this warning because a null DACL is passed to the SetSecurityDescriptorDacl function:

#include <windows.h>

void f( PSECURITY_DESCRIPTOR pSecurityDescriptor )
{
  if (SetSecurityDescriptorDacl(pSecurityDescriptor,
                                TRUE,     // Dacl Present
                                NULL,     // NULL pointer to DACL    
                                FALSE))   // Defaulted

    {
      // Dacl is now applied to an object
    }
}

To see a complete example on how to create security descriptor, see Creating a Security Descriptor for a New Object in C++. For more information, see Creating a DACL.