ACL
-
hi to all, I am writing a function to check access rights on file or folder using AclAPI.h I am using following api's GetFileSecurity() ImperonateSelf() OpenThreadToken() MapGenericMask() AccessCheck() do i have to include
#pragma comment(lib, "advapi32.lib")
in my code or not. Without including
#pragma comment(lib, "advapi32.lib")Program is working. andBOOL WINAPI OpenThreadToken(
__in HANDLE ThreadHandle,
__in DWORD DesiredAccess,
__in BOOL OpenAsSelf,
__out PHANDLE TokenHandle
);what does parameter in OpenThreadToken (OpenAsSelf) means. Please give some valuable suggestions.
Regards, Vishal
-
hi to all, I am writing a function to check access rights on file or folder using AclAPI.h I am using following api's GetFileSecurity() ImperonateSelf() OpenThreadToken() MapGenericMask() AccessCheck() do i have to include
#pragma comment(lib, "advapi32.lib")
in my code or not. Without including
#pragma comment(lib, "advapi32.lib")Program is working. andBOOL WINAPI OpenThreadToken(
__in HANDLE ThreadHandle,
__in DWORD DesiredAccess,
__in BOOL OpenAsSelf,
__out PHANDLE TokenHandle
);what does parameter in OpenThreadToken (OpenAsSelf) means. Please give some valuable suggestions.
Regards, Vishal
Answer to first question: If the program is working without it, you have your answer. Answer to second question: From MSDN: OpenAsSelf [in] - TRUE if the access check is to be made against the process-level security context. FALSE if the access check is to be made against the current security context of the thread calling the OpenThreadToken function. The OpenAsSelf parameter allows the caller of this function to open the access token of a specified thread when the caller is impersonating a token at SecurityIdentification level. Without this parameter, the calling thread cannot open the access token on the specified thread because it is impossible to open executive-level objects by using the SecurityIdentification impersonation level.
Best wishes, Hans
-
Answer to first question: If the program is working without it, you have your answer. Answer to second question: From MSDN: OpenAsSelf [in] - TRUE if the access check is to be made against the process-level security context. FALSE if the access check is to be made against the current security context of the thread calling the OpenThreadToken function. The OpenAsSelf parameter allows the caller of this function to open the access token of a specified thread when the caller is impersonating a token at SecurityIdentification level. Without this parameter, the calling thread cannot open the access token on the specified thread because it is impossible to open executive-level objects by using the SecurityIdentification impersonation level.
Best wishes, Hans