Win32 System Services: The Heart of Windows® 98 and Windows® 2000

13.8. Adding and Deleting ACEs

Listing 13.1 demonstrated how easy it is to create a new security descriptor for any object. Adding ACEs to a new security descriptor that you are creating from scratch is trivial. But what if you want to modify an existing security descriptor by adding or removing ACEs? While conceptually simple, performing additions and deletions to an existing security descriptor takes quite a bit of code because of the difference between absolute andself-relative security descriptors.

Listing 13.1 at the beginning of the chapter creates a security descriptor in absolute format. It creates a variable of type SECURITY_DESCRIPTOR:

SECURITY_DESCRIPTOR sd;

The current declaration for the SECURITY_DESCRIPTOR is shown in the following ...

Get Win32 System Services: The Heart of Windows® 98 and Windows® 2000 now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Win32 System Services: The Heart of Windows® 98 and Windows® 2000 by Marshall Brain, Ron Reeves

13.8. Adding and Deleting ACEs

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly