bool get_user_object_security(handle object,
                              unsigned* information,
                              void* descriptor,
                              unsigned length,
                              unsigned* needed)

This function obtains security information of an object.


handle object

The handle of the object for which information is being obtained.

unsigned* information

A pointer to a value that defines the components of the security descriptor being queried. The specified value may be a combination of flags from the enumeration security_information.

void* descriptor

A pointer to a buffer that is updated to hold a security descriptor> in self-relative form.

unsigned length

The size (in bytes) of the buffer provided by the previous parameter.

unsigned* needed

A pointer to a variable that is updated to hold the required buffer size. If the value returned is greater than the value of the parameter Length, the function returns false and no information is copied to the buffer. If the value returned is less than or equal to the value of parameter Length, all information is copied to the buffer.



true The function succeeded.
false The call failed.


To read the owner, group or discretionary access list of a user object the handle must have access access_type::read. To have access_type::Read, the caller must be owner of the object or be explicitly mentioned in the discretionary access list of the object.

To read the system access control list of the object, the object handle must have access access_type::system_security.