public static void GetNamedSecurityInfo(
string objectName,
SE_OBJECT_TYPE objectType,
SECURITY_INFORMATION securityInfo,
out Sid sidOwner,
out Sid sidGroup,
out Dacl dacl,
out Sacl sacl,
out SecurityDescriptor secDesc)
{
sidOwner = null;
sidGroup = null;
dacl = null;
sacl = null;
secDesc = null;
IntPtr ptrOwnerSid = IntPtr.Zero;
IntPtr ptrGroupSid = IntPtr.Zero;
IntPtr ptrDacl = IntPtr.Zero;
IntPtr ptrSacl = IntPtr.Zero;
IntPtr ptrSecDesc = IntPtr.Zero;
DWORD rc = Win32.GetNamedSecurityInfo(objectName, objectType, securityInfo,
ref ptrOwnerSid, ref ptrGroupSid, ref ptrDacl, ref ptrSacl, ref ptrSecDesc);
if (rc != Win32.ERROR_SUCCESS)
{
Win32.SetLastError(rc);
Win32.ThrowLastError();
}
try
{
if (ptrOwnerSid != IntPtr.Zero)
sidOwner = new Sid(ptrOwnerSid);
if (ptrGroupSid != IntPtr.Zero)
sidGroup = new Sid(ptrGroupSid);
if (ptrDacl != IntPtr.Zero)
dacl = new Dacl(ptrDacl);
if (ptrSacl != IntPtr.Zero)
sacl = new Sacl(ptrSacl);
if (ptrSecDesc != IntPtr.Zero)
secDesc = new SecurityDescriptor(ptrSecDesc, true);
}
catch
{
if (ptrSecDesc != IntPtr.Zero)
Win32.LocalFree(ptrSecDesc);
throw;
}
}
internal static unsafe void UnsafeSetSecurityInfo(
HANDLE handle,
SE_OBJECT_TYPE ObjectType,
SECURITY_INFORMATION SecurityInfo,
Sid sidOwner,
Sid sidGroup,
Dacl dacl,
Sacl sacl)
{
fixed(byte *pSidOwner = (sidOwner != null ? sidOwner.GetNativeSID() : null))
{
fixed(byte *pSidGroup = (sidGroup != null ? sidGroup.GetNativeSID() : null))
{
fixed(byte *pDacl = (dacl != null ? dacl.GetNativeACL() : null))
{
fixed(byte *pSacl = (sacl != null ? sacl.GetNativeACL() : null))
{
DWORD rc = Win32.SetSecurityInfo(handle, ObjectType, SecurityInfo,
(IntPtr)pSidOwner, (IntPtr)pSidGroup, (IntPtr)pDacl, (IntPtr)pSacl);
if (rc != Win32.ERROR_SUCCESS)
{
Win32.SetLastError(rc);
Win32.ThrowLastError();
}
}
}
}
}
}
public static void SetNamedSecurityInfo(
string objectName,
SE_OBJECT_TYPE objectType,
SECURITY_INFORMATION securityInfo,
Sid sidOwner,
Sid sidGroup,
Dacl dacl,
Sacl sacl)
{
UnsafeSetNamedSecurityInfo (objectName, objectType, securityInfo,
sidOwner, sidGroup, dacl, sacl);
}
public static void SetSecurityInfo(
HANDLE handle,
SE_OBJECT_TYPE ObjectType,
SECURITY_INFORMATION SecurityInfo,
Sid sidOwner,
Sid sidGroup,
Dacl dacl,
Sacl sacl)
{
UnsafeSetSecurityInfo (handle, ObjectType, SecurityInfo,
sidOwner, sidGroup, dacl, sacl);
}
public void SetSacl(Sacl sacl, bool defaulted)
{
UnsafeSetSacl(this, sacl, defaulted);
}
private static void UnsafeSetSacl(SecurityDescriptor secDesc, Sacl sacl, bool defaulted)
{
if (sacl == null)
throw new ArgumentException("Can't set null SACL on a security descriptor", "sacl");
secDesc.MakeAbsolute();
// First we have to get a copy of the old group ptr, so that
// we can free it if everything goes well.
BOOL rc;
IntPtr pOldSacl = IntPtr.Zero;
if(!secDesc.IsNull)
{
BOOL oldDefaulted, oldPresent;
rc = Win32.GetSecurityDescriptorSacl(secDesc._secDesc, out oldPresent, ref pOldSacl, out oldDefaulted);
Win32.CheckCall(rc);
}
else
{
secDesc.AllocateAndInitializeSecurityDescriptor();
}
IntPtr pNewSacl = IntPtr.Zero;
try
{
if(!sacl.IsNull && !sacl.IsEmpty)
{
byte []pacl = sacl.GetNativeACL();
pNewSacl = Win32.AllocGlobal(pacl.Length);
Marshal.Copy(pacl, 0, pNewSacl, pacl.Length);
}
bool present = (sacl.IsNull || (pNewSacl != IntPtr.Zero));
rc = Win32.SetSecurityDescriptorSacl(
secDesc._secDesc, (present ? Win32.TRUE : Win32.FALSE),
pNewSacl, (defaulted ? Win32.TRUE : Win32.FALSE));
Win32.CheckCall(rc);
Win32.FreeGlobal(pOldSacl);
}
catch
{
Win32.FreeGlobal(pNewSacl);
throw;
}
}
public void SetSacl(Sacl sacl)
{
SetSacl(sacl, false);
}
internal unsafe static void UnsafeSetNamedSecurityInfo(
string objectName,
SE_OBJECT_TYPE objectType,
SECURITY_INFORMATION securityInfo,
Sid sidOwner,
Sid sidGroup,
Dacl dacl,
Sacl sacl)
{
byte[] pSidOwner = (sidOwner != null) ? sidOwner.GetNativeSID() : null;
byte[] pSidGroup = (sidGroup != null) ? sidGroup.GetNativeSID() : null;
byte[] pDacl = (dacl != null) ? dacl.GetNativeACL() : null;
byte[] pSacl = (sacl != null) ? sacl.GetNativeACL() : null;
DWORD rc = Win32.SetNamedSecurityInfo(objectName, objectType, securityInfo,
pSidOwner, pSidGroup, pDacl, pSacl);
if (rc != Win32.ERROR_SUCCESS)
{
Win32.SetLastError(rc);
Win32.ThrowLastError();
}
}
public static void GetNamedSecurityInfo(
string objectName,
SE_OBJECT_TYPE objectType,
SECURITY_INFORMATION securityInfo,
out Sid sidOwner,
out Sid sidGroup,
out Dacl dacl,
out Sacl sacl,
out SecurityDescriptor secDesc)
{
sidOwner = null;
sidGroup = null;
dacl = null;
sacl = null;
secDesc = null;
var ptrOwnerSid = IntPtr.Zero;
var ptrGroupSid = IntPtr.Zero;
var ptrDacl = IntPtr.Zero;
var ptrSacl = IntPtr.Zero;
var ptrSecDesc = IntPtr.Zero;
var rc = Win32.GetNamedSecurityInfo(objectName, objectType, securityInfo,
ref ptrOwnerSid, ref ptrGroupSid, ref ptrDacl, ref ptrSacl, ref ptrSecDesc);
if (rc != Win32.ERROR_SUCCESS)
{
Win32.SetLastError(rc);
Win32.ThrowLastError();
}
try {
if (ptrOwnerSid != IntPtr.Zero)
{
sidOwner = new Sid(ptrOwnerSid);
}
if (ptrGroupSid != IntPtr.Zero)
{
sidGroup = new Sid(ptrGroupSid);
}
if (ptrDacl != IntPtr.Zero)
{
dacl = new Dacl(ptrDacl);
}
if (ptrSacl != IntPtr.Zero)
{
sacl = new Sacl(ptrSacl);
}
if (ptrSecDesc != IntPtr.Zero)
{
secDesc = new SecurityDescriptor(ptrSecDesc, true);
}
}
catch {
if (ptrSecDesc != IntPtr.Zero)
{
Win32.LocalFree(ptrSecDesc);
}
throw;
}
}
public void SetSacl(Sacl sacl, bool defaulted)
{
UnsafeSetSacl(this, sacl, defaulted);
}
public void SetSacl(Sacl sacl)
{
SetSacl(sacl, false);
}