_hunter
November 16th, 2007, 12:33 PM
Greetings...
I'm trying to add read/write rights for creator's group on file with such:
DWORD lastError = 0;
PACL dacl = NULL;
PSECURITY_DESCRIPTOR securityDescriptor = NULL;
DWORD result = GetNamedSecurityInfo(path, SE_FILE_OBJECT, DACL_SECURITY_INFORMATION, NULL, NULL, &dacl, NULL, &securityDescriptor);
if (result != ERROR_SUCCESS)
{
lastError = result;
goto error;
}
PSID sid = NULL;
DWORD sidSize = 0;
sidSize = SECURITY_MAX_SID_SIZE;
if (!(sid = LocalAlloc(LMEM_FIXED, sidSize)))
{
lastError = GetLastError();
goto error;
}
if (CreateWellKnownSid(WinCreatorGroupSid, NULL, sid, &sidSize) == 0)
{
lastError = GetLastError();
goto error;
}
if (AddAccessAllowedAce(dacl, ACL_REVISION, GENERIC_READ | GENERIC_WRITE, sid) == 0)
{
lastError = GetLastError();
goto error;
}
result = SetNamedSecurityInfo(path, SE_FILE_OBJECT, DACL_SECURITY_INFORMATION, NULL, NULL, dacl, NULL);
if (result != ERROR_SUCCESS)
{
lastError = result;
goto error;
}
code. But there is a problem AddAccessAllowedAce fails with ERROR_ALLOTTED_SPACE_EXCEEDED. As I understands -- I should add some memory to dacl. But I don't know how to do this.
Can someone help me?
Best regards...
I'm trying to add read/write rights for creator's group on file with such:
DWORD lastError = 0;
PACL dacl = NULL;
PSECURITY_DESCRIPTOR securityDescriptor = NULL;
DWORD result = GetNamedSecurityInfo(path, SE_FILE_OBJECT, DACL_SECURITY_INFORMATION, NULL, NULL, &dacl, NULL, &securityDescriptor);
if (result != ERROR_SUCCESS)
{
lastError = result;
goto error;
}
PSID sid = NULL;
DWORD sidSize = 0;
sidSize = SECURITY_MAX_SID_SIZE;
if (!(sid = LocalAlloc(LMEM_FIXED, sidSize)))
{
lastError = GetLastError();
goto error;
}
if (CreateWellKnownSid(WinCreatorGroupSid, NULL, sid, &sidSize) == 0)
{
lastError = GetLastError();
goto error;
}
if (AddAccessAllowedAce(dacl, ACL_REVISION, GENERIC_READ | GENERIC_WRITE, sid) == 0)
{
lastError = GetLastError();
goto error;
}
result = SetNamedSecurityInfo(path, SE_FILE_OBJECT, DACL_SECURITY_INFORMATION, NULL, NULL, dacl, NULL);
if (result != ERROR_SUCCESS)
{
lastError = result;
goto error;
}
code. But there is a problem AddAccessAllowedAce fails with ERROR_ALLOTTED_SPACE_EXCEEDED. As I understands -- I should add some memory to dacl. But I don't know how to do this.
Can someone help me?
Best regards...