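/// <summary>
/// Walks the DACL of a security descriptor and returns the first ACE whose
/// trustee SID, rendered as a string, equals <paramref name="sid"/>.
/// </summary>
/// <param name="pSecurityDescriptor">Pointer to the security descriptor to inspect.</param>
/// <param name="sid">SID in string form to look for; compared with an exact string match.</param>
/// <returns>The matching ACE, marshaled as an <c>ACCESS_ALLOWED_ACE</c>.</returns>
/// <exception cref="ArgumentNullException"><paramref name="sid"/> is null.</exception>
/// <exception cref="Exception">
/// The descriptor has no DACL, the DACL is NULL, the ACL could not be read,
/// or no ACE for the SID exists.
/// </exception>
private static ACCESS_ALLOWED_ACE GetAce(IntPtr pSecurityDescriptor, string sid)
{
    // A null SID would otherwise "match" any ACE whose SID-to-string conversion failed.
    if (sid == null)
    {
        throw new ArgumentNullException("sid");
    }

    bool daclPresent;
    bool daclDefaulted;
    IntPtr pAcl = IntPtr.Zero;
    Security.GetSecurityDescriptorDacl(pSecurityDescriptor, out daclPresent, ref pAcl, out daclDefaulted);

    if (!daclPresent)
    {
        throw new Exception("No DACL found in Security Descriptor.");
    }

    // A present-but-NULL DACL holds no ACEs at all; report it explicitly instead of
    // handing a null pointer to GetAclInformation.
    if (pAcl == IntPtr.Zero)
    {
        throw new Exception("Security Descriptor has a NULL DACL; it contains no ACEs.");
    }

    ACL_SIZE_INFORMATION aclInfo = new ACL_SIZE_INFORMATION();
    bool gotInfo = Security.GetAclInformation(
        pAcl,
        ref aclInfo,
        (uint)Marshal.SizeOf(typeof(ACL_SIZE_INFORMATION)),
        ACL_INFORMATION_CLASS.AclSizeInformation);
    if (!gotInfo)
    {
        // Without this check a failed call leaves AceCount at 0 and is reported
        // as "no ACE found", which hides the real problem.
        throw new Exception("Could not read ACL size information from the DACL.");
    }

    // Loop-invariant: byte offset of the SID inside the ACE structure.
    long sidOffset = (long)Marshal.OffsetOf(typeof(ACCESS_ALLOWED_ACE), "SidStart");

    for (int i = 0; i < aclInfo.AceCount; i++)
    {
        IntPtr pAce;
        Security.GetAce(pAcl, i, out pAce);
        if (pAce == IntPtr.Zero)
        {
            throw new Exception(string.Format("Could not read ACE {0} from the DACL.", i));
        }

        // NOTE(review): every ACE is marshaled as ACCESS_ALLOWED_ACE without looking at
        // the ACE type in its header. Access-denied and audit ACEs share this layout, so
        // a deny entry for the SID can be returned here, and object ACEs place the SID at
        // a different offset. Callers that base an access decision on the result should
        // check the ACE type first.
        ACCESS_ALLOWED_ACE ace = (ACCESS_ALLOWED_ACE)Marshal.PtrToStructure(pAce, typeof(ACCESS_ALLOWED_ACE));

        IntPtr pAceSid = new IntPtr(pAce.ToInt64() + sidOffset);
        int sidSize = (int)Security.GetLengthSid(pAceSid);
        byte[] sidBytes = new byte[sidSize];
        Marshal.Copy(pAceSid, sidBytes, 0, sidSize);

        IntPtr pSid = IntPtr.Zero;
        try
        {
            Security.ConvertSidToStringSid(sidBytes, out pSid);
            if (pSid == IntPtr.Zero)
            {
                // Conversion failed; this ACE cannot match.
                continue;
            }

            string strSid = Marshal.PtrToStringAuto(pSid);
            if (strSid == sid)
            {
                return ace;
            }
        }
        finally
        {
            // ConvertSidToStringSid allocates the string with LocalAlloc; the caller owns it.
            // Marshal.FreeHGlobal wraps LocalFree on Windows, so the buffer no longer leaks
            // once per ACE.
            if (pSid != IntPtr.Zero)
            {
                Marshal.FreeHGlobal(pSid);
            }
        }
    }

    throw new Exception(string.Format("No ACE for SID '{0}' found in Security Descriptor.", sid));
}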
/// <summary>
/// P/Invoke declaration for the Win32 <c>GetAclInformation</c> function, which
/// retrieves information about an access control list.
/// </summary>
/// <param name="pAcl">Pointer to the ACL to query.</param>
/// <param name="pAclInformation">Structure that receives the ACL size information.</param>
/// <param name="nAclInformationLength">Size, in bytes, of the structure passed in <paramref name="pAclInformation"/>.</param>
/// <param name="dwAclInformationClass">
/// Information class to retrieve. The buffer here is typed as <c>ACL_SIZE_INFORMATION</c>,
/// so this declaration fits only the size-information class.
/// </param>
/// <returns><c>true</c> on success; <c>false</c> on failure. Callers should check it before reading the structure.</returns>
// NOTE(review): no [DllImport] attribute is visible on this declaration in the excerpt;
// confirm it is present, with SetLastError enabled if callers read the Win32 error code.
private static extern bool GetAclInformation(
    IntPtr pAcl,
    ref ACL_SIZE_INFORMATION pAclInformation,
    uint nAclInformationLength,
    ACL_INFORMATION_CLASS dwAclInformationClass
);
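/// <summary>
/// Walks the DACL of a security descriptor and returns the first ACE whose
/// trustee SID, rendered as a string, equals <paramref name="sid"/>.
/// </summary>
/// <param name="pSecurityDescriptor">Pointer to the security descriptor to inspect.</param>
/// <param name="sid">SID in string form to look for; compared with an exact string match.</param>
/// <returns>The matching ACE, marshaled as an <c>ACCESS_ALLOWED_ACE</c>.</returns>
/// <exception cref="ArgumentNullException"><paramref name="sid"/> is null.</exception>
/// <exception cref="Exception">
/// The descriptor has no DACL, the DACL is NULL, the ACL could not be read,
/// or no ACE for the SID exists.
/// </exception>
private static ACCESS_ALLOWED_ACE GetAce(IntPtr pSecurityDescriptor, string sid)
{
    // A null SID would otherwise "match" any ACE whose SID-to-string conversion failed.
    if (sid == null)
    {
        throw new ArgumentNullException("sid");
    }

    bool daclPresent;
    bool daclDefaulted;
    IntPtr pAcl = IntPtr.Zero;
    Security.GetSecurityDescriptorDacl(pSecurityDescriptor, out daclPresent, ref pAcl, out daclDefaulted);

    if (!daclPresent)
    {
        throw new Exception("No DACL found in Security Descriptor.");
    }

    // A present-but-NULL DACL holds no ACEs at all; report it explicitly instead of
    // handing a null pointer to GetAclInformation.
    if (pAcl == IntPtr.Zero)
    {
        throw new Exception("Security Descriptor has a NULL DACL; it contains no ACEs.");
    }

    ACL_SIZE_INFORMATION aclInfo = new ACL_SIZE_INFORMATION();
    bool gotInfo = Security.GetAclInformation(
        pAcl,
        ref aclInfo,
        (uint)Marshal.SizeOf(typeof(ACL_SIZE_INFORMATION)),
        ACL_INFORMATION_CLASS.AclSizeInformation);
    if (!gotInfo)
    {
        // Without this check a failed call leaves AceCount at 0 and is reported
        // as "no ACE found", which hides the real problem.
        throw new Exception("Could not read ACL size information from the DACL.");
    }

    // Loop-invariant: byte offset of the SID inside the ACE structure.
    long sidOffset = (long)Marshal.OffsetOf(typeof(ACCESS_ALLOWED_ACE), "SidStart");

    for (int i = 0; i < aclInfo.AceCount; i++)
    {
        IntPtr pAce;
        Security.GetAce(pAcl, i, out pAce);
        if (pAce == IntPtr.Zero)
        {
            throw new Exception(string.Format("Could not read ACE {0} from the DACL.", i));
        }

        // NOTE(review): every ACE is marshaled as ACCESS_ALLOWED_ACE without looking at
        // the ACE type in its header. Access-denied and audit ACEs share this layout, so
        // a deny entry for the SID can be returned here, and object ACEs place the SID at
        // a different offset. Callers that base an access decision on the result should
        // check the ACE type first.
        ACCESS_ALLOWED_ACE ace = (ACCESS_ALLOWED_ACE)Marshal.PtrToStructure(pAce, typeof(ACCESS_ALLOWED_ACE));

        IntPtr pAceSid = new IntPtr(pAce.ToInt64() + sidOffset);
        int sidSize = (int)Security.GetLengthSid(pAceSid);
        byte[] sidBytes = new byte[sidSize];
        Marshal.Copy(pAceSid, sidBytes, 0, sidSize);

        IntPtr pSid = IntPtr.Zero;
        try
        {
            Security.ConvertSidToStringSid(sidBytes, out pSid);
            if (pSid == IntPtr.Zero)
            {
                // Conversion failed; this ACE cannot match.
                continue;
            }

            string strSid = Marshal.PtrToStringAuto(pSid);
            if (strSid == sid)
            {
                return ace;
            }
        }
        finally
        {
            // ConvertSidToStringSid allocates the string with LocalAlloc; the caller owns it.
            // Marshal.FreeHGlobal wraps LocalFree on Windows, so the buffer no longer leaks
            // once per ACE.
            if (pSid != IntPtr.Zero)
            {
                Marshal.FreeHGlobal(pSid);
            }
        }
    }

    throw new Exception(string.Format("No ACE for SID '{0}' found in Security Descriptor.", sid));
}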