SecurityDescriptorControl C# (CSharp) примеры использования

Пример #1

0

Показать файл

Файл: SecurityDescriptor.cs Проект: SonnyX/SMB-Client

        public SecurityDescriptor(byte[] buffer, int offset)
        {
            Revision = ByteReader.ReadByte(buffer, ref offset);
            Sbz1     = ByteReader.ReadByte(buffer, ref offset);
            Control  = (SecurityDescriptorControl)LittleEndianReader.ReadUInt16(buffer, ref offset);
            uint offsetOwner = LittleEndianReader.ReadUInt32(buffer, ref offset);
            uint offsetGroup = LittleEndianReader.ReadUInt32(buffer, ref offset);
            uint offsetSacl  = LittleEndianReader.ReadUInt32(buffer, ref offset);
            uint offsetDacl  = LittleEndianReader.ReadUInt32(buffer, ref offset);

            if (offsetOwner != 0)
            {
                OwnerSid = new SID(buffer, (int)offsetOwner);
            }

            if (offsetGroup != 0)
            {
                GroupSid = new SID(buffer, (int)offsetGroup);
            }

            if (offsetSacl != 0)
            {
                Sacl = new ACL(buffer, (int)offsetSacl);
            }

            if (offsetDacl != 0)
            {
                Dacl = new ACL(buffer, (int)offsetDacl);
            }
        }

Пример #2

0

Показать файл

Файл: SecurityDescriptor.cs Проект: Orvid/NAntUniversalTasks

        public SecurityDescriptor(
            SecurityIdentifier owner,
            SecurityIdentifier group,
            AccessControlList dacl,
            AccessControlList sacl,
            SecurityDescriptorControl control)
        {
            // create security descriptor
            _pSd = CreateSecurityDescriptor(
                owner == null ? IntPtr.Zero : owner.Handle,
                group == null ? IntPtr.Zero : group.Handle,
                dacl == null ? IntPtr.Zero : dacl.Handle,
                sacl == null ? IntPtr.Zero : sacl.Handle,
                control);

            // query properties
            uint revision;
            uint controlFlags;

            if (!SecurityNative.GetSecurityDescriptorControl(_pSd, out controlFlags, out revision))
            {
                throw new Win32Exception(Marshal.GetLastWin32Error());
            }

            _revision = (int)revision;
            _control  = (SecurityDescriptorControl)controlFlags;
            _owner    = owner;
            _group    = group;
            _dacl     = dacl;
            _sacl     = sacl;
        }

Пример #3

0

Показать файл

Файл: SecurityDescriptor.cs Проект: Orvid/NAntUniversalTasks

		public SecurityDescriptor(
			SecurityIdentifier owner,
			SecurityIdentifier group,
			AccessControlList dacl,
			AccessControlList sacl,
			SecurityDescriptorControl control)
		{
			// create security descriptor
			_pSd = CreateSecurityDescriptor(
				owner == null ? IntPtr.Zero : owner.Handle,
				group == null ? IntPtr.Zero : group.Handle,
				dacl == null ? IntPtr.Zero : dacl.Handle,
				sacl == null ? IntPtr.Zero : sacl.Handle,
				control);

			// query properties
			uint revision;
			uint controlFlags;
			if (!SecurityNative.GetSecurityDescriptorControl(_pSd, out controlFlags, out revision))
				throw new Win32Exception(Marshal.GetLastWin32Error());

			_revision = (int)revision;
			_control = (SecurityDescriptorControl)controlFlags;
			_owner = owner;
			_group = group;
			_dacl = dacl;
			_sacl = sacl;
		}

Пример #4

0

Показать файл

Файл: SecurityDescriptor.cs Проект: Orvid/NAntUniversalTasks

        /// <summary>
        /// Returns security descriptor information
        /// </summary>
        private static void GetSecurityDescriptorInfo(
            IntPtr pSd,
            out IntPtr pOwner,
            out IntPtr pGroup,
            out IntPtr pDacl,
            out IntPtr pSacl,
            out SecurityDescriptorControl control)
        {
            // parameters validation
            if (pSd == IntPtr.Zero)
            {
                throw new ArgumentNullException("pSd");
            }

            // query SIDs
            bool ownerDefaulted;

            if (!SecurityNative.GetSecurityDescriptorOwner(pSd, out pOwner, out ownerDefaulted))
            {
                throw new Win32Exception(Marshal.GetLastWin32Error());
            }

            bool groupDefaulted;

            if (!SecurityNative.GetSecurityDescriptorGroup(pSd, out pGroup, out groupDefaulted))
            {
                throw new Win32Exception(Marshal.GetLastWin32Error());
            }

            // query ACLs
            bool daclPresent;
            bool daclDefaulted;

            if (!SecurityNative.GetSecurityDescriptorDacl(pSd, out daclPresent, out pDacl, out daclDefaulted))
            {
                throw new Win32Exception(Marshal.GetLastWin32Error());
            }

            bool saclPresent;
            bool saclDefaulted;

            if (!SecurityNative.GetSecurityDescriptorSacl(pSd, out saclPresent, out pSacl, out saclDefaulted))
            {
                throw new Win32Exception(Marshal.GetLastWin32Error());
            }

            // query properties
            uint revision;
            uint controlFlags;

            if (!SecurityNative.GetSecurityDescriptorControl(pSd, out controlFlags, out revision))
            {
                throw new Win32Exception(Marshal.GetLastWin32Error());
            }

            control = (SecurityDescriptorControl)controlFlags;
        }

Пример #5

0

Показать файл

 private static void UpdateSecurityDescriptorControl(SecurityDescriptor sd, SecurityDescriptorControl control)
 {
     if (control.HasFlag(SecurityDescriptorControl.OwnerDefaulted) && sd.Owner != null)
     {
         sd.Owner.Defaulted = true;
     }
     if (control.HasFlag(SecurityDescriptorControl.GroupDefaulted) && sd.Group != null)
     {
         sd.Group.Defaulted = true;
     }
     if (sd.Dacl != null)
     {
         if (control.HasFlag(SecurityDescriptorControl.DaclDefaulted))
         {
             sd.Dacl.Defaulted = true;
         }
         if (control.HasFlag(SecurityDescriptorControl.DaclProtected))
         {
             sd.Dacl.Protected = true;
         }
         if (control.HasFlag(SecurityDescriptorControl.DaclAutoInherited))
         {
             sd.Dacl.AutoInherited = true;
         }
         if (control.HasFlag(SecurityDescriptorControl.DaclAutoInheritReq))
         {
             sd.Dacl.AutoInheritReq = true;
         }
     }
     if (sd.Sacl != null)
     {
         if (control.HasFlag(SecurityDescriptorControl.SaclDefaulted))
         {
             sd.Sacl.Defaulted = true;
         }
         if (control.HasFlag(SecurityDescriptorControl.SaclProtected))
         {
             sd.Sacl.Protected = true;
         }
         if (control.HasFlag(SecurityDescriptorControl.SaclAutoInherited))
         {
             sd.Sacl.AutoInherited = true;
         }
         if (control.HasFlag(SecurityDescriptorControl.SaclAutoInheritReq))
         {
             sd.Sacl.AutoInheritReq = true;
         }
     }
     if (control.HasFlag(SecurityDescriptorControl.ServerSecurity))
     {
         sd.ServerSecurity = true;
     }
     if (control.HasFlag(SecurityDescriptorControl.DaclUntrusted))
     {
         sd.DaclUntrusted = true;
     }
 }

Пример #6

0

Показать файл

Файл: SecurityDescriptor.cs Проект: Orvid/NAntUniversalTasks

        /// <summary>
        /// Creates security descriptor
        /// </summary>
        private static LocalAllocHandle CreateSecurityDescriptor(
            IntPtr pOwner,
            IntPtr pGroup,
            IntPtr pDacl,
            IntPtr pSacl,
            SecurityDescriptorControl control)
        {
            // correct control flags
            if (pDacl != IntPtr.Zero)
            {
                control |= SecurityDescriptorControl.DaclPresent;
            }
            if (pSacl != IntPtr.Zero)
            {
                control |= SecurityDescriptorControl.SaclPresent;
            }

            // allocate memory for security descriptor
            LocalAllocHandle pSd = new LocalAllocHandle(SecurityNative.SecurityDescriptor.Size);

            // initialize security descriptor
            if (!SecurityNative.InitializeSecurityDescriptor(pSd, SecurityNative.SECURITY_DESCRIPTOR_REVISION))
            {
                throw new Win32Exception(Marshal.GetLastWin32Error());
            }

            // set security descriptor control
            if (!SecurityNative.SetSecurityDescriptorControl(pSd, (uint)SecurityDescriptorControl.InheritenceMask, (uint)(control & SecurityDescriptorControl.InheritenceMask)))
            {
                throw new Win32Exception(Marshal.GetLastWin32Error());
            }

            // set SIDs
            if (!SecurityNative.SetSecurityDescriptorOwner(pSd, pOwner, (control & SecurityDescriptorControl.OwnerDefaulted) != 0))
            {
                throw new Win32Exception(Marshal.GetLastWin32Error());
            }
            if (!SecurityNative.SetSecurityDescriptorGroup(pSd, pGroup, (control & SecurityDescriptorControl.GroupDefaulted) != 0))
            {
                throw new Win32Exception(Marshal.GetLastWin32Error());
            }

            // set ACLs
            if (!SecurityNative.SetSecurityDescriptorDacl(pSd, (control & SecurityDescriptorControl.DaclPresent) != 0, pDacl, (control & SecurityDescriptorControl.DaclDefaulted) != 0))
            {
                throw new Win32Exception(Marshal.GetLastWin32Error());
            }
            if (!SecurityNative.SetSecurityDescriptorSacl(pSd, (control & SecurityDescriptorControl.SaclPresent) != 0, pSacl, (control & SecurityDescriptorControl.SaclDefaulted) != 0))
            {
                throw new Win32Exception(Marshal.GetLastWin32Error());
            }

            return(pSd);
        }

Пример #7

0

Показать файл

Файл: NtSecurityNative.cs Проект: peterpavles/sandbox-attacksurface-analysis-tools

 public bool HasFlag(SecurityDescriptorControl control)
 {
     return((control & Control) == control);
 }

Пример #8

0

Показать файл

Файл: NativeMethods.cs Проект: kouweizhong/AlphaFS

 internal static extern bool GetSecurityDescriptorControl(SafeGlobalMemoryBufferHandle pSecurityDescriptor, out SecurityDescriptorControl pControl, out uint lpdwRevision);

Пример #9

0

Показать файл

        /// <summary>
        /// Convert security descriptor to a byte array
        /// </summary>
        /// <returns>The binary security descriptor</returns>
        public byte[] ToByteArray()
        {
            SafeStructureInOutBuffer <SecurityDescriptorStructure> sd_buffer = null;
            SafeHGlobalBuffer   dacl_buffer  = null;
            SafeHGlobalBuffer   sacl_buffer  = null;
            SafeSidBufferHandle owner_buffer = null;
            SafeSidBufferHandle group_buffer = null;

            try
            {
                sd_buffer = new SafeStructureInOutBuffer <SecurityDescriptorStructure>();
                NtRtl.RtlCreateSecurityDescriptor(sd_buffer, Revision).ToNtException();
                SecurityDescriptorControl control = Control & SecurityDescriptorControl.ValidControlSetMask;
                NtRtl.RtlSetControlSecurityDescriptor(sd_buffer, control, control).ToNtException();
                if (Dacl != null)
                {
                    if (!Dacl.NullAcl)
                    {
                        dacl_buffer = new SafeHGlobalBuffer(Dacl.ToByteArray());
                    }
                    else
                    {
                        dacl_buffer = new SafeHGlobalBuffer(IntPtr.Zero, 0, false);
                    }

                    NtRtl.RtlSetDaclSecurityDescriptor(sd_buffer, true, dacl_buffer.DangerousGetHandle(), Dacl.Defaulted).ToNtException();
                }
                if (Sacl != null)
                {
                    if (!Sacl.NullAcl)
                    {
                        sacl_buffer = new SafeHGlobalBuffer(Sacl.ToByteArray());
                    }
                    else
                    {
                        sacl_buffer = new SafeHGlobalBuffer(IntPtr.Zero, 0, false);
                    }

                    NtRtl.RtlSetSaclSecurityDescriptor(sd_buffer, true, sacl_buffer.DangerousGetHandle(), Sacl.Defaulted).ToNtException();
                }
                if (Owner != null)
                {
                    owner_buffer = Owner.Sid.ToSafeBuffer();
                    NtRtl.RtlSetOwnerSecurityDescriptor(sd_buffer, owner_buffer.DangerousGetHandle(), Owner.Defaulted);
                }
                if (Group != null)
                {
                    group_buffer = Group.Sid.ToSafeBuffer();
                    NtRtl.RtlSetGroupSecurityDescriptor(sd_buffer, group_buffer.DangerousGetHandle(), Group.Defaulted);
                }

                int      total_length = 0;
                NtStatus status       = NtRtl.RtlAbsoluteToSelfRelativeSD(sd_buffer, new SafeHGlobalBuffer(IntPtr.Zero, 0, false), ref total_length);
                if (status != NtStatus.STATUS_BUFFER_TOO_SMALL)
                {
                    status.ToNtException();
                }

                using (SafeHGlobalBuffer relative_sd = new SafeHGlobalBuffer(total_length))
                {
                    NtRtl.RtlAbsoluteToSelfRelativeSD(sd_buffer, relative_sd, ref total_length).ToNtException();
                    return(relative_sd.ToArray());
                }
            }
            finally
            {
                sd_buffer?.Close();
                dacl_buffer?.Close();
                sacl_buffer?.Close();
                owner_buffer?.Close();
                group_buffer?.Close();
            }
        }

Пример #10

0

Показать файл

Файл: Container.cs Проект: pdb0102/CspTool

 static extern bool GetSecurityDescriptorControl(byte[] pSecurityDescriptor, ref SecurityDescriptorControl pControl, ref int lpdwRevision);

Пример #11

0

Показать файл

        private NtResult <SafeHGlobalBuffer> CreateAbsoluteSecurityDescriptor(bool throw_on_error)
        {
            byte[] dacl       = Dacl?.ToByteArray();
            byte[] sacl       = Sacl?.ToByteArray();
            byte[] owner      = Owner?.Sid.ToArray();
            byte[] group      = Group?.Sid.ToArray();
            int    total_size = GetLength(dacl) + GetLength(sacl) + GetLength(owner) + GetLength(group);

            using (var sd_buffer = new SafeStructureInOutBuffer <SecurityDescriptorStructure>(total_size, true))
            {
                NtStatus status = NtRtl.RtlCreateSecurityDescriptor(sd_buffer, Revision);
                if (!status.IsSuccess())
                {
                    return(status.CreateResultFromError <SafeHGlobalBuffer>(throw_on_error));
                }

                SecurityDescriptorControl control = Control & SecurityDescriptorControl.ValidControlSetMask;
                status = NtRtl.RtlSetControlSecurityDescriptor(sd_buffer, control, control);
                if (!status.IsSuccess())
                {
                    return(status.CreateResultFromError <SafeHGlobalBuffer>(throw_on_error));
                }

                int current_ofs = 0;
                if (Dacl != null)
                {
                    IntPtr ptr = UpdateBuffer(sd_buffer, Dacl.NullAcl ? null : dacl, ref current_ofs);
                    status = NtRtl.RtlSetDaclSecurityDescriptor(sd_buffer, true, ptr, Dacl.Defaulted);
                    if (!status.IsSuccess())
                    {
                        return(status.CreateResultFromError <SafeHGlobalBuffer>(throw_on_error));
                    }
                }

                if (Sacl != null)
                {
                    IntPtr ptr = UpdateBuffer(sd_buffer, Sacl.NullAcl ? null : sacl, ref current_ofs);
                    status = NtRtl.RtlSetSaclSecurityDescriptor(sd_buffer, true, ptr, Sacl.Defaulted);
                    if (!status.IsSuccess())
                    {
                        return(status.CreateResultFromError <SafeHGlobalBuffer>(throw_on_error));
                    }
                }

                if (Owner != null)
                {
                    IntPtr ptr = UpdateBuffer(sd_buffer, owner, ref current_ofs);
                    status = NtRtl.RtlSetOwnerSecurityDescriptor(sd_buffer, ptr, Owner.Defaulted);
                    if (!status.IsSuccess())
                    {
                        return(status.CreateResultFromError <SafeHGlobalBuffer>(throw_on_error));
                    }
                }

                if (Group != null)
                {
                    IntPtr ptr = UpdateBuffer(sd_buffer, group, ref current_ofs);
                    status = NtRtl.RtlSetGroupSecurityDescriptor(sd_buffer, ptr, Group.Defaulted);
                    if (!status.IsSuccess())
                    {
                        return(status.CreateResultFromError <SafeHGlobalBuffer>(throw_on_error));
                    }
                }

                return(status.CreateResult <SafeHGlobalBuffer>(throw_on_error, () => sd_buffer.Detach()));
            }
        }

Пример #12

0

Показать файл

Файл: NativeMethods.cs Проект: Sicos1977/AlphaFS

 internal static extern bool GetSecurityDescriptorControl(SafeGlobalMemoryBufferHandle pSecurityDescriptor, out SecurityDescriptorControl pControl, out uint lpdwRevision);

Пример #13

0

Показать файл

Файл: SecurityDescriptor.cs Проект: Orvid/NAntUniversalTasks

		/// <summary>
		/// Returns security descriptor information
		/// </summary>
		private static void GetSecurityDescriptorInfo(
			IntPtr pSd,
			out IntPtr pOwner,
			out IntPtr pGroup,
			out IntPtr pDacl,
			out IntPtr pSacl,
			out SecurityDescriptorControl control)
		{
			// parameters validation
			if (pSd == IntPtr.Zero)
				throw new ArgumentNullException("pSd");

			// query SIDs
			bool ownerDefaulted;
			if (!SecurityNative.GetSecurityDescriptorOwner(pSd, out pOwner, out ownerDefaulted))
				throw new Win32Exception(Marshal.GetLastWin32Error());

			bool groupDefaulted;
			if (!SecurityNative.GetSecurityDescriptorGroup(pSd, out pGroup, out groupDefaulted))
				throw new Win32Exception(Marshal.GetLastWin32Error());

			// query ACLs
			bool daclPresent;
			bool daclDefaulted;
			if (!SecurityNative.GetSecurityDescriptorDacl(pSd, out daclPresent, out pDacl, out daclDefaulted))
				throw new Win32Exception(Marshal.GetLastWin32Error());

			bool saclPresent;
			bool saclDefaulted;
			if (!SecurityNative.GetSecurityDescriptorSacl(pSd, out saclPresent, out pSacl, out saclDefaulted))
				throw new Win32Exception(Marshal.GetLastWin32Error());

			// query properties
			uint revision;
			uint controlFlags;
			if (!SecurityNative.GetSecurityDescriptorControl(pSd, out controlFlags, out revision))
				throw new Win32Exception(Marshal.GetLastWin32Error());

			control = (SecurityDescriptorControl)controlFlags;
		}

Пример #14

0

Показать файл

Файл: SecurityDescriptor.cs Проект: Orvid/NAntUniversalTasks

		/// <summary>
		/// Creates security descriptor
		/// </summary>
		private static LocalAllocHandle CreateSecurityDescriptor(
			IntPtr pOwner,
			IntPtr pGroup,
			IntPtr pDacl,
			IntPtr pSacl,
			SecurityDescriptorControl control)
		{
			// correct control flags
			if (pDacl != IntPtr.Zero)
				control |= SecurityDescriptorControl.DaclPresent;
			if (pSacl != IntPtr.Zero)
				control |= SecurityDescriptorControl.SaclPresent;

			// allocate memory for security descriptor
			LocalAllocHandle pSd = new LocalAllocHandle(SecurityNative.SecurityDescriptor.Size);

			// initialize security descriptor
			if (!SecurityNative.InitializeSecurityDescriptor(pSd, SecurityNative.SECURITY_DESCRIPTOR_REVISION))
				throw new Win32Exception(Marshal.GetLastWin32Error());

			// set security descriptor control
			if (!SecurityNative.SetSecurityDescriptorControl(pSd, (uint)SecurityDescriptorControl.InheritenceMask, (uint)(control & SecurityDescriptorControl.InheritenceMask)))
				throw new Win32Exception(Marshal.GetLastWin32Error());

			// set SIDs
			if (!SecurityNative.SetSecurityDescriptorOwner(pSd, pOwner, (control & SecurityDescriptorControl.OwnerDefaulted) != 0))
				throw new Win32Exception(Marshal.GetLastWin32Error());
			if (!SecurityNative.SetSecurityDescriptorGroup(pSd, pGroup, (control & SecurityDescriptorControl.GroupDefaulted) != 0))
				throw new Win32Exception(Marshal.GetLastWin32Error());

			// set ACLs
			if (!SecurityNative.SetSecurityDescriptorDacl(pSd, (control & SecurityDescriptorControl.DaclPresent) != 0, pDacl, (control & SecurityDescriptorControl.DaclDefaulted) != 0))
				throw new Win32Exception(Marshal.GetLastWin32Error());
			if (!SecurityNative.SetSecurityDescriptorSacl(pSd, (control & SecurityDescriptorControl.SaclPresent) != 0, pSacl, (control & SecurityDescriptorControl.SaclDefaulted) != 0))
				throw new Win32Exception(Marshal.GetLastWin32Error());

			return pSd;
		}

Пример #15

0

Показать файл

Файл: SecurityDescriptor.cs Проект: Orvid/NAntUniversalTasks

        internal SecurityDescriptor(IntPtr pSd, bool copy)
        {
            // get security descriptor information
            IntPtr pOwner;
            IntPtr pGroup;
            IntPtr pDacl;
            IntPtr pSacl;
            SecurityDescriptorControl control;

            GetSecurityDescriptorInfo(
                pSd,
                out pOwner,
                out pGroup,
                out pDacl,
                out pSacl,
                out control);

            bool copyStructs;

            if (copy)
            {
                // create security descriptor
                _pSd        = CreateSecurityDescriptor(pOwner, pGroup, pDacl, pSacl, control);
                copyStructs = true;
            }
            else
            {
                // store pointer
                _pSd        = new LocalAllocHandle(pSd);
                copyStructs = (control & SecurityDescriptorControl.SelfRelative) != 0;
            }

            // query properties
            uint revision;
            uint controlFlags;

            if (!SecurityNative.GetSecurityDescriptorControl(_pSd, out controlFlags, out revision))
            {
                throw new Win32Exception(Marshal.GetLastWin32Error());
            }

            _revision = (int)revision;
            _control  = (SecurityDescriptorControl)controlFlags;

            if (pOwner != IntPtr.Zero)
            {
                _owner = new SecurityIdentifier(pOwner, copyStructs);
            }
            if (pGroup != IntPtr.Zero)
            {
                _group = new SecurityIdentifier(pGroup, copyStructs);
            }
            if (pDacl != IntPtr.Zero)
            {
                _dacl = new AccessControlList(pDacl, copyStructs);
            }
            if (pSacl != IntPtr.Zero)
            {
                _sacl = new AccessControlList(pSacl, copyStructs);
            }
        }

Пример #16

0

Показать файл

Файл: NtSecurityNative.cs Проект: peterpavles/sandbox-attacksurface-analysis-tools

 public static extern NtStatus RtlGetControlSecurityDescriptor(SafeBuffer SecurityDescriptor, out SecurityDescriptorControl Control, out uint Revision);

Пример #17

0

Показать файл

Файл: NtSecurityNative.cs Проект: peterpavles/sandbox-attacksurface-analysis-tools

 public static extern NtStatus RtlSetControlSecurityDescriptor(SafeBuffer SecurityDescriptor, SecurityDescriptorControl Control, SecurityDescriptorControl ControlMask);

Пример #18

0

Показать файл

Файл: SecurityDescriptor.cs Проект: Orvid/NAntUniversalTasks

		internal SecurityDescriptor(IntPtr pSd, bool copy)
		{
			// get security descriptor information
			IntPtr pOwner;
			IntPtr pGroup;
			IntPtr pDacl;
			IntPtr pSacl;
			SecurityDescriptorControl control;

			GetSecurityDescriptorInfo(
				pSd,
				out pOwner,
				out pGroup,
				out pDacl,
				out pSacl,
				out control);

			bool copyStructs;
			if (copy)
			{
				// create security descriptor
				_pSd = CreateSecurityDescriptor(pOwner, pGroup, pDacl, pSacl, control);
				copyStructs = true;
			}
			else
			{
				// store pointer
				_pSd = new LocalAllocHandle(pSd);
				copyStructs = (control & SecurityDescriptorControl.SelfRelative) != 0;
			}

			// query properties
			uint revision;
			uint controlFlags;
			if (!SecurityNative.GetSecurityDescriptorControl(_pSd, out controlFlags, out revision))
				throw new Win32Exception(Marshal.GetLastWin32Error());

			_revision = (int)revision;
			_control = (SecurityDescriptorControl)controlFlags;

			if (pOwner != IntPtr.Zero)
				_owner = new SecurityIdentifier(pOwner, copyStructs);
			if (pGroup != IntPtr.Zero)
				_group = new SecurityIdentifier(pGroup, copyStructs);
			if (pDacl != IntPtr.Zero)
				_dacl = new AccessControlList(pDacl, copyStructs);
			if (pSacl != IntPtr.Zero)
				_sacl = new AccessControlList(pSacl, copyStructs);
		}

C# (CSharp) SecurityDescriptorControl примеры использования