SetUserObjectSecurity function (winuser.h)
The SetUserObjectSecurity function sets the security of a user object. This can be, for example, a window or a DDE conversation.
BOOL SetUserObjectSecurity( [in] HANDLE hObj, [in] PSECURITY_INFORMATION pSIRequested, [in] PSECURITY_DESCRIPTOR pSID );
A handle to a user object for which security information is set.
A pointer to a value that indicates the components of the security descriptor to set. This parameter can be a combination of the following values.
||Sets the discretionary access control list (DACL) of the object. The handle specified by hObj must have WRITE_DAC access, or the calling process must be the owner of the object.|
||Sets the primary group security identifier (SID) of the object.|
||Sets the SID of the owner of the object. The handle specified by hObj must have WRITE_OWNER access, or the calling process must be the owner of the object or have the SE_TAKE_OWNERSHIP_NAME privilege enabled.|
Sets the system access control list (SACL) of the object. The handle specified by hObj must have ACCESS_SYSTEM_SECURITY access.
To obtain ACCESS_SYSTEM_SECURITY access
A pointer to a SECURITY_DESCRIPTOR structure that contains the new security information.
This buffer must be aligned on a 4-byte boundary.
If the function succeeds, the function returns nonzero.
If the function fails, it returns zero. To get extended error information, call GetLastError.
The SetUserObjectSecurity function applies changes specified in a security descriptor to the security descriptor assigned to a user object. The security descriptor of the object must be in self-relative form. If necessary, this function allocates additional memory to increase the size of the security descriptor.
For an example that uses this function, see Starting an Interactive Client Process.
|Minimum supported client||Windows XP [desktop apps only]|
|Minimum supported server||Windows Server 2003 [desktop apps only]|
|Header||winuser.h (include Windows.h)|