Geting user SID from an IRP

How do you correctly get the user SID from an IRP? I tried using
RtlGetOwnerSecurityDescriptor(pIrpStack->Parameters.Create.SecurityContext->
AccessState->SecurityDescriptor) on the IRP_MJ_CREATE. However, according to
RtlValidSecurityDescriptor(),
pIrpStack->Parameters.Create.SecurityContext->AccessState->SecurityDescripto
r is an invalid security descriptor. What am i doing wrong, or is there
another way to get the user SID from an IRP? I need the SID form the user
that issued the i/o call, that’s why i was looking on the IRP and not using
GetCurrentThread/and the likes.

Thanks
Richard


You are currently subscribed to ntfsd as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com

Just keep a table mapping PFILE_OBJECTs => PISIDs. Insert an entry in
create and remove it during close. You can get the user who performed the
open on any subsequent io by looking up the record for the target
PFILE_OBJECT.

-----Original Message-----
From: Paulo Valerio, Ricardo Ramalho [mailto:xxxxx@mail.gsd.inesc.pt]
Sent: Friday, March 23, 2001 12:17 PM
To: File Systems Developers
Subject: [ntfsd] Geting user SID from an IRP

How do you correctly get the user SID from an IRP? I tried using
RtlGetOwnerSecurityDescriptor(pIrpStack->Parameters.Create.SecurityContext->
AccessState->SecurityDescriptor) on the IRP_MJ_CREATE. However, according to
RtlValidSecurityDescriptor(),
pIrpStack->Parameters.Create.SecurityContext->AccessState->SecurityDescripto
r is an invalid security descriptor. What am i doing wrong, or is there
another way to get the user SID from an IRP? I need the SID form the user
that issued the i/o call, that’s why i was looking on the IRP and not using
GetCurrentThread/and the likes.

Thanks
Richard


You are currently subscribed to ntfsd as: xxxxx@ntpsoftware.com
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com


You are currently subscribed to ntfsd as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com