>Just keep a table mapping PFILE_OBJECTs => PISIDs. Insert an entry in
create and remove it during close. You can get the user who performed the
open on any subsequent io by looking up the record for the target
PFILE_OBJECT.
Ok, but how can i get the SID on the open IRP? I tried the
RtlGetOwnerSecurityDescriptor on
pIrpStack->Parameters.Create.SecurityContext->
AccessState->SecurityDescriptor, but i didn´t work. I keep getting Invalid
Security Descriptor (and that’s because i tested it with
RtlValidSecurityDescriptor(). When i didn´t test it, i got a BSOD).
What am i doing wrong, or is there another way to get the SID from the IRP?
-----Original Message-----
From: Paulo Valerio, Ricardo Ramalho [mailto:xxxxx@mail.gsd.inesc.pt]
Sent: Friday, March 23, 2001 12:17 PM
To: File Systems Developers
Subject: [ntfsd] Geting user SID from an IRP
How do you correctly get the user SID from an IRP? I tried using
RtlGetOwnerSecurityDescriptor(on the IRP_MJ_CREATE. However, according to
pIrpStack->Parameters.Create.SecurityContext->AccessState->SecurityDescripto
r is an . What am i doing wrong, or is there
another way to get the user SID from an IRP? I need the SID form the user
that issued the i/o call, that’s why i was looking on the IRP and not using
GetCurrentThread/and the likes.
Thanks
Richard
You are currently subscribed to ntfsd as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com