Caller supplied Security Descriptor in IRP_MJ_CREATE

Manish_Apte · July 12, 2005, 5:09pm

Folks,

CreateFile and IoCreateFile APIs give the caller an option to specify a
Security Descriptor to be applied as initial SD (instead of the FSD default)
when creating a new object.

When a caller calls these APIs with such a caller supplied SD, in the
IRP_MJ_CREATE IRP, I could not find an obvious place where the SD is made
available to the FSD.

Any idea how to retrieve this caller supplied SD in IRP_NJ_CREATE processing
in the FSD?

Is it available in
‘PtrIoStackLocation->Parameters.Create.SecurityContext->AccessState->Securit
yDescriptor’?

Thanks,

Manish

OSR_Community_User · July 12, 2005, 5:34pm

Yes it is.

More info @ http://www.osronline.com/article.cfm?article=312

From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Manish Apte
Sent: Tuesday, July 12, 2005 2:09 PM
To: Windows File Systems Devs Interest List
Subject: [ntfsd] Caller supplied Security Descriptor in IRP_MJ_CREATE

Folks,

CreateFile and IoCreateFile APIs give the caller an option to specify a
Security Descriptor to be applied as initial SD (instead of the FSD
default) when creating a new object.

When a caller calls these APIs with such a caller supplied SD, in the
IRP_MJ_CREATE IRP, I could not find an obvious place where the SD is
made available to the FSD.

Any idea how to retrieve this caller supplied SD in IRP_NJ_CREATE
processing in the FSD?

Is it available in
‘PtrIoStackLocation->Parameters.Create.SecurityContext->AccessState->Sec
urityDescriptor’?

Thanks,

Manish

Questions? First check the IFS FAQ at
https://www.osronline.com/article.cfm?id=17

You are currently subscribed to ntfsd as: unknown lmsubst tag argument:
‘’
To unsubscribe send a blank email to xxxxx@lists.osr.com

Manish_Apte · July 13, 2005, 11:41am

Thanks for the info, how are things with you?

Manish

From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Vikramaditya Gupta
Sent: Tuesday, July 12, 2005 5:34 PM
To: Windows File Systems Devs Interest List
Subject: RE: [ntfsd] Caller supplied Security Descriptor in IRP_MJ_CREATE

Yes it is.

More info @ http://www.osronline.com/article.cfm?article=312

From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Manish Apte
Sent: Tuesday, July 12, 2005 2:09 PM
To: Windows File Systems Devs Interest List
Subject: [ntfsd] Caller supplied Security Descriptor in IRP_MJ_CREATE

Folks,

CreateFile and IoCreateFile APIs give the caller an option to specify a
Security Descriptor to be applied as initial SD (instead of the FSD default)
when creating a new object.

When a caller calls these APIs with such a caller supplied SD, in the
IRP_MJ_CREATE IRP, I could not find an obvious place where the SD is made
available to the FSD.

Any idea how to retrieve this caller supplied SD in IRP_NJ_CREATE processing
in the FSD?

Is it available in
‘PtrIoStackLocation->Parameters.Create.SecurityContext->AccessState->Securit
yDescriptor’?

Thanks,

Manish

Questions? First check the IFS FAQ at
https://www.osronline.com/article.cfm?id=17

You are currently subscribed to ntfsd as: unknown lmsubst tag argument: ‘’
To unsubscribe send a blank email to xxxxx@lists.osr.com

Questions? First check the IFS FAQ at
https://www.osronline.com/article.cfm?id=17

You are currently subscribed to ntfsd as: unknown lmsubst tag argument: ‘’
To unsubscribe send a blank email to xxxxx@lists.osr.com

Caller supplied Security Descriptor in IRP_MJ_CREATE

You are currently subscribed to ntfsd as: unknown lmsubst tag argument: ‘’ To unsubscribe send a blank email to xxxxx@lists.osr.com

You are currently subscribed to ntfsd as: unknown lmsubst tag argument: ‘’
To unsubscribe send a blank email to xxxxx@lists.osr.com