private static unsafe void UnsafeSetGroup(SecurityDescriptor secDesc, Sid group, bool defaulted)
{
if (!group.IsValid)
{
throw new ArgumentException("SID must be valid to set as group of a security descriptor", "group");
}
secDesc.MakeAbsolute();
// First we have to get a copy of the old group ptr, so that
// we can free it if everything goes well.
BOOL rc;
IntPtr pOldGroup;
if (!secDesc.IsNull)
{
BOOL oldDefaulted;
rc = Win32.GetSecurityDescriptorGroup(secDesc._secDesc, out pOldGroup, out oldDefaulted);
Win32.CheckCall(rc);
}
else
{
secDesc.AllocateAndInitializeSecurityDescriptor();
pOldGroup = IntPtr.Zero;
}
DWORD cbSidSize = (DWORD)group.Size;
IntPtr pNewGroup = Win32.AllocGlobal(cbSidSize);
try
{
// Copy the SID content to pNewGroup memory
fixed(byte *pNewSid = group.GetNativeSID())
{
rc = Win32.CopySid(cbSidSize, pNewGroup, (IntPtr)pNewSid);
Win32.CheckCall(rc);
}
// Set the new group SID
rc = Win32.SetSecurityDescriptorGroup(secDesc._secDesc,
pNewGroup, (defaulted ? Win32.TRUE : Win32.FALSE));
Win32.CheckCall(rc);
// Now, we can free the old group
Win32.FreeGlobal(pOldGroup);
}
catch
{
Win32.FreeGlobal(pNewGroup);
throw;
}
}
private static void UnsafeSetSacl(SecurityDescriptor secDesc, Sacl sacl, bool defaulted)
{
if (sacl == null)
{
throw new ArgumentException("Can't set null SACL on a security descriptor", "sacl");
}
secDesc.MakeAbsolute();
// First we have to get a copy of the old group ptr, so that
// we can free it if everything goes well.
BOOL rc;
IntPtr pOldSacl = IntPtr.Zero;
if (!secDesc.IsNull)
{
BOOL oldDefaulted, oldPresent;
rc = Win32.GetSecurityDescriptorSacl(secDesc._secDesc, out oldPresent, ref pOldSacl, out oldDefaulted);
Win32.CheckCall(rc);
}
else
{
secDesc.AllocateAndInitializeSecurityDescriptor();
}
IntPtr pNewSacl = IntPtr.Zero;
try
{
if (!sacl.IsNull && !sacl.IsEmpty)
{
byte [] pacl = sacl.GetNativeACL();
pNewSacl = Win32.AllocGlobal(pacl.Length);
Marshal.Copy(pacl, 0, pNewSacl, pacl.Length);
}
bool present = (sacl.IsNull || (pNewSacl != IntPtr.Zero));
rc = Win32.SetSecurityDescriptorSacl(
secDesc._secDesc, (present ? Win32.TRUE : Win32.FALSE),
pNewSacl, (defaulted ? Win32.TRUE : Win32.FALSE));
Win32.CheckCall(rc);
Win32.FreeGlobal(pOldSacl);
}
catch
{
Win32.FreeGlobal(pNewSacl);
throw;
}
}
private static void UnsafeSetSacl(SecurityDescriptor secDesc, Sacl sacl, bool defaulted)
{
if (sacl == null)
throw new ArgumentException("Can't set null SACL on a security descriptor", "sacl");
secDesc.MakeAbsolute();
// First we have to get a copy of the old group ptr, so that
// we can free it if everything goes well.
BOOL rc;
IntPtr pOldSacl = IntPtr.Zero;
if(!secDesc.IsNull)
{
BOOL oldDefaulted, oldPresent;
rc = Win32.GetSecurityDescriptorSacl(secDesc._secDesc, out oldPresent, ref pOldSacl, out oldDefaulted);
Win32.CheckCall(rc);
}
else
{
secDesc.AllocateAndInitializeSecurityDescriptor();
}
IntPtr pNewSacl = IntPtr.Zero;
try
{
if(!sacl.IsNull && !sacl.IsEmpty)
{
byte []pacl = sacl.GetNativeACL();
pNewSacl = Win32.AllocGlobal(pacl.Length);
Marshal.Copy(pacl, 0, pNewSacl, pacl.Length);
}
bool present = (sacl.IsNull || (pNewSacl != IntPtr.Zero));
rc = Win32.SetSecurityDescriptorSacl(
secDesc._secDesc, (present ? Win32.TRUE : Win32.FALSE),
pNewSacl, (defaulted ? Win32.TRUE : Win32.FALSE));
Win32.CheckCall(rc);
Win32.FreeGlobal(pOldSacl);
}
catch
{
Win32.FreeGlobal(pNewSacl);
throw;
}
}
private static unsafe void UnsafeSetOwner(SecurityDescriptor secDesc, Sid owner, bool defaulted)
{
if (! owner.IsValid)
throw new ArgumentException("SID must be valid to set as owner of a security descriptor", "owner");
secDesc.MakeAbsolute();
// First we have to get a copy of the old owner ptr, so that
// we can free it if everything goes well.
BOOL rc;
IntPtr pOldOwner;
if(!secDesc.IsNull)
{
BOOL oldDefaulted;
rc = Win32.GetSecurityDescriptorOwner(secDesc._secDesc, out pOldOwner, out oldDefaulted);
Win32.CheckCall(rc);
}
else
{
secDesc.AllocateAndInitializeSecurityDescriptor();
pOldOwner = IntPtr.Zero;
}
DWORD cbSidSize = (DWORD)owner.Size;
IntPtr pNewOwner = Win32.AllocGlobal(cbSidSize);
try
{
// Copy the SID content to pNewOwner memory
fixed (byte *pNewSid = owner.GetNativeSID())
{
rc = Win32.CopySid(cbSidSize, pNewOwner, (IntPtr)pNewSid);
Win32.CheckCall(rc);
}
// Set the new owner SID
rc = Win32.SetSecurityDescriptorOwner(secDesc._secDesc,
pNewOwner, (defaulted ? Win32.TRUE : Win32.FALSE));
Win32.CheckCall(rc);
// Now, we can free the old owner
Win32.FreeGlobal(pOldOwner);
}
catch
{
Win32.FreeGlobal(pNewOwner);
throw;
}
}