SECURITY_DESCRIPTOR The SECURITY_DESCRIPTOR structure contains the security information associated with an object. Drivers use this structure to set and query an object's security status.Because the internal format of a security descriptor can vary, drivers are not to modify the SECURITY_DESCRIPTOR structure directly. For creating and manipulating a security descriptor, use the functions listed in the See Also section.typedef struct _SECURITY_DESCRIPTOR { UCHAR Revision; UCHAR Sbz1; SECURITY_DESCRIPTOR_CONTROL Control; PSID Owner; PSID Group; PACL Sacl; PACL Dacl; } SECURITY_DESCRIPTOR, *PISECURITY_DESCRIPTOR; Res A security descriptor includes information that specifies the following components of an object's security:An owner (SID)A primary group (SID)A discretionary ACL (DACL)A system ACL (SACL)Qualifiers for the preceding itemsRequirements HeaderNtifs.h (include Ntifs.h)
SECURITY_ATTRIBUTES The SECURITY_ATTRIBUTES structure contains the security descriptor for an object and specifies whether the handle retrieved by specifying this structure is inheritable. This structure provides security settings for objects created by various functions, such as CreateFile, CreatePipe, CreateProcess, RegCreateKeyEx, or RegSaveKeyEx. typedef struct _SECURITY_ATTRIBUTES { DWORD nLength; //结构体大小,可用sizeof取得 LPVOID lpSecurityDescriptor; //安全描述符 BOOL bInheritHandle;//安全描述的对象能否被新创建的进程继承 } SECURITY_ATTRIBUTES, *PSECURITY_ATTRIBUTES; ========================================= The SECURITY_DESCRIPTOR structure contains the security information associated with an object. Drivers use this structure to set and query an object's security status.The SECURITY_ATTRIBUTES This structure provides security settings for objects created by various functions, such as CreateFile, CreatePipe, CreateProcess, RegCreateKeyEx, or RegSaveKeyEx.
我想问:它们分别用在什么地方?它们之间有什么关联?有哪些API函数来操作它们?
并且:The SECURITY_ATTRIBUTES structure contains the security descriptor for an object and specifies 可是我看SECURITY_ATTRIBUTES 结构里并没用SECURITY_DESCRIPTOR的结构,请问这是怎么回事?
http://topic.csdn.net/t/20060314/23/4614692.html
The SECURITY_DESCRIPTOR structure contains the security information associated with an object. Drivers use this structure to set and query an object's security status.Because the internal format of a security descriptor can vary, drivers are not to modify the SECURITY_DESCRIPTOR structure directly. For creating and manipulating a security descriptor, use the functions listed in the See Also section.typedef struct _SECURITY_DESCRIPTOR {
UCHAR Revision;
UCHAR Sbz1;
SECURITY_DESCRIPTOR_CONTROL Control;
PSID Owner;
PSID Group;
PACL Sacl;
PACL Dacl;
} SECURITY_DESCRIPTOR, *PISECURITY_DESCRIPTOR;
Res
A security descriptor includes information that specifies the following components of an object's security:An owner (SID)A primary group (SID)A discretionary ACL (DACL)A system ACL (SACL)Qualifiers for the preceding itemsRequirements
HeaderNtifs.h (include Ntifs.h)
typedef struct _SECURITY_ATTRIBUTES {
DWORD nLength; //结构体大小,可用sizeof取得
LPVOID lpSecurityDescriptor; //安全描述符
BOOL bInheritHandle;//安全描述的对象能否被新创建的进程继承
} SECURITY_ATTRIBUTES, *PSECURITY_ATTRIBUTES;
=========================================
The SECURITY_DESCRIPTOR structure contains the security information associated with an object. Drivers use this structure to set and query an object's security status.The SECURITY_ATTRIBUTES This structure provides security settings for objects created by various functions, such as CreateFile, CreatePipe, CreateProcess, RegCreateKeyEx, or RegSaveKeyEx.
可是我看SECURITY_ATTRIBUTES 结构里并没用SECURITY_DESCRIPTOR的结构,请问这是怎么回事?