/// <summary> /// Derive a restricted package sid from an existing pacakge sid. /// </summary> /// <param name="package_sid">The base package sid.</param> /// <param name="restricted_name">The restricted name for the sid.</param> /// <returns>The derived Sid.</returns> public static Sid DeriveRestrictedPackageSidFromSid(Sid package_sid, string restricted_name) { using (var sid_buf = package_sid.ToSafeBuffer()) { int hr = Win32NativeMethods.DeriveRestrictedAppContainerSidFromAppContainerSidAndRestrictedName(sid_buf, restricted_name, out SafeSidBufferHandle sid); if (hr != 0) { Marshal.ThrowExceptionForHR(hr); } using (sid) { return(new Sid(sid)); } } }
/// <summary> /// Derive a restricted package sid from an existing pacakge sid. /// </summary> /// <param name="package_sid">The base package sid.</param> /// <param name="restricted_name">The restricted name for the sid.</param> /// <param name="throw_on_error">True to throw on error.</param> /// <returns>The derived Sid.</returns> public static NtResult <Sid> DeriveRestrictedPackageSidFromSid(Sid package_sid, string restricted_name, bool throw_on_error) { using (var sid_buf = package_sid.ToSafeBuffer()) { int hr = Win32NativeMethods.DeriveRestrictedAppContainerSidFromAppContainerSidAndRestrictedName(sid_buf, restricted_name, out SafeSidBufferHandle sid); if (hr == 0) { using (sid) { Sid result = new Sid(sid); NtSecurity.CacheSidName(result, string.Empty, $"{package_sid.Name}/{restricted_name}", SidNameSource.Package, SidNameUse.User); return(result.CreateResult()); } } return(((NtStatus)hr).CreateResultFromError <Sid>(throw_on_error)); } }