2.4.7 SECURITY_INFORMATION
The SECURITY_INFORMATION data type identifies the object-related security information being set or queried. This security information includes:
The owner of an object.
The primary group of an object.
The discretionary access control list (DACL) of an object.
The system access control list (SACL) of an object.
An unsigned 32-bit integer specifies portions of a SECURITY_DESCRIPTOR by means of bit flags. Individual bit values (combinable with the bitwise OR operation) are as shown in the following table.
|
Value |
Meaning |
|---|---|
|
OWNER_SECURITY_INFORMATION 0x00000001 |
The owner identifier of the object is being referenced. |
|
GROUP_SECURITY_INFORMATION 0x00000002 |
The primary group identifier of the object is being referenced. |
|
DACL_SECURITY_INFORMATION 0x00000004 |
The DACL of the object is being referenced. |
|
SACL_SECURITY_INFORMATION 0x00000008 |
The SACL of the object is being referenced. |
|
LABEL_SECURITY_INFORMATION 0x00000010 |
The mandatory integrity label is being referenced. |
|
UNPROTECTED_SACL_SECURITY_INFORMATION 0x10000000 |
The SACL inherits access control entries (ACEs) from the parent object. |
|
UNPROTECTED_DACL_SECURITY_INFORMATION 0x20000000 |
The DACL inherits ACEs from the parent object. |
|
PROTECTED_SACL_SECURITY_INFORMATION 0x40000000 |
The SACL cannot inherit ACEs. |
|
PROTECTED_DACL_SECURITY_INFORMATION 0x80000000 |
The DACL cannot inherit ACEs. |
|
ATTRIBUTE_SECURITY_INFORMATION 0x00000020 |
A SYSTEM_RESOURCE_ATTRIBUTE_ACE (section 2.4.4.15) is being referenced. |
|
SCOPE_SECURITY_INFORMATION 0x00000040 |
A SYSTEM_SCOPED_POLICY_ID_ACE (section 2.4.4.16) is being referenced. |
|
PROCESS_TRUST_LABEL_SECURITY_INFORMATION 0x00000080 |
Reserved. |
|
BACKUP_SECURITY_INFORMATION 0x00010000 |
The security descriptor is being accessed for use in a backup operation. |
This type is declared as follows:
-
typedef DWORD SECURITY_INFORMATION, *PSECURITY_INFORMATION;