RtlGetSaclSecurityDescriptor function

The RtlGetSaclSecurityDescriptor routine returns a pointer to the system ACL (SACL) for a security descriptor.

Syntax

NTSYSAPI NTSTATUS RtlGetSaclSecurityDescriptor(
  PSECURITY_DESCRIPTOR SecurityDescriptor,
  PBOOLEAN             SaclPresent,
  PACL                 *Sacl,
  PBOOLEAN             SaclDefaulted
);

Parameters

SecurityDescriptor

Pointer to the SECURITY_DESCRIPTOR whose SACL is to be returned.

SaclPresent

Pointer to a Boolean variable that indicates the presence of a SACL in the specified security descriptor. If this variable receives TRUE, the security descriptor contains a SACL, and the remaining output parameters receive valid values. If this variable receives FALSE, the security descriptor does not contain a SACL, and the remaining output parameters do not receive valid values.

Sacl

Pointer to a variable that receives the address of the SACL for the security descriptor. If the security descriptor does not have a SACL, this variable does not receive a value. If the security descriptor has a NULL SACL, this variable receives NULL.

SaclDefaulted

Pointer to a Boolean variable that receives the value of the SE_SACL_DEFAULTED flag in the security descriptor's SECURITY_DESCRIPTOR_CONTROL structure if a SACL exists for the security descriptor.

Return Value

RtlGetSaclSecurityDescriptor returns STATUS_SUCCESS or an appropriate NTSTATUS value such as the following:

Return code Description
STATUS_UNKNOWN_REVISION
The security descriptor's revision level is unknown or is not supported. This is an error code.

Remarks

For more information about security and access control, see the documentation for these topics in the Microsoft Windows SDK.

Requirements

   
Windows version This routine is available on Microsoft Windows Server 2003 SP1 and later.
Target Platform Universal
Header ntifs.h (include Ntifs.h)
Library NtosKrnl.lib
DLL NtosKrnl.exe
IRQL "<= APC_LEVEL"

See Also

ACL

RtlCreateSecurityDescriptor

RtlGetDaclSecurityDescriptor

RtlLengthSecurityDescriptor

RtlSetDaclSecurityDescriptor

RtlValidSecurityDescriptor

SECURITY_DESCRIPTOR