SACL Access Problem

akin_ocal · July 3, 2007, 5:37am

I cant get SACL structure of a file , however i call a function : Privilege(SE_SECURITY_NAME,TRUE);

How can i get sacl ??

BOOL Privilege(LPTSTR pszPrivilege, BOOL bEnable)
{
HANDLE hToken;
TOKEN_PRIVILEGES tp;

//
// obtain the token, first check the thread and then the process
//
if (!OpenThreadToken(GetCurrentThread(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, TRUE, &hToken)){
if (GetLastError() == ERROR_NO_TOKEN){
if (!OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken))
return FALSE;
}
else
return FALSE;
}

//
// get the luid for the privilege
//
if (!LookupPrivilegeValue(NULL, pszPrivilege, &tp.Privileges[0].Luid))
return FALSE;

tp.PrivilegeCount = 1;

if (bEnable)
tp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
else
tp.Privileges[0].Attributes = 0;

//
// enable or disable the privilege
//
if (!AdjustTokenPrivileges(hToken, FALSE, &tp, 0, (PTOKEN_PRIVILEGES)NULL, 0))
return FALSE;

if (!CloseHandle(hToken))
return FALSE;

return TRUE;
}

OSR_Community_User · July 3, 2007, 9:49am

GetSecurityDescriptorSacl(). Check the SDK documentation. Post this on
a sdk developer list.

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of
xxxxx@hotmail.com
Sent: Tuesday, July 03, 2007 05:40
To: Windows System Software Devs Interest List
Subject: [ntdev] SACL Access Problem

I cant get SACL structure of a file , however i call a function :
Privilege(SE_SECURITY_NAME,TRUE);

How can i get sacl ??

BOOL Privilege(LPTSTR pszPrivilege, BOOL bEnable)
{
HANDLE hToken;
TOKEN_PRIVILEGES tp;

//
// obtain the token, first check the thread and then the process
//
if (!OpenThreadToken(GetCurrentThread(), TOKEN_ADJUST_PRIVILEGES |
TOKEN_QUERY, TRUE, &hToken)){
if (GetLastError() == ERROR_NO_TOKEN){
if (!OpenProcessToken(GetCurrentProcess(),
TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken))
return FALSE;
}
else
return FALSE;
}

//
// get the luid for the privilege
//
if (!LookupPrivilegeValue(NULL, pszPrivilege,
&tp.Privileges[0].Luid))
return FALSE;

tp.PrivilegeCount = 1;

if (bEnable)
tp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
else
tp.Privileges[0].Attributes = 0;

//
// enable or disable the privilege
//
if (!AdjustTokenPrivileges(hToken, FALSE, &tp, 0,
(PTOKEN_PRIVILEGES)NULL, 0))
return FALSE;

if (!CloseHandle(hToken))
return FALSE;

return TRUE;
}

Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256

To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer