semethod.c File Reference

#include "sep.h"
#include "sertlp.h"

Go to the source code of this file.

Functions
NTSTATUS	SepDefaultDeleteMethod (IN OUT PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor)
VOID	SeSetSecurityAccessMask (IN SECURITY_INFORMATION SecurityInformation, OUT PACCESS_MASK DesiredAccess)
VOID	SeQuerySecurityAccessMask (IN SECURITY_INFORMATION SecurityInformation, OUT PACCESS_MASK DesiredAccess)
NTSTATUS	SeDefaultObjectMethod (IN PVOID Object, IN SECURITY_OPERATION_CODE OperationCode, IN PSECURITY_INFORMATION SecurityInformation, IN OUT PSECURITY_DESCRIPTOR SecurityDescriptor, IN OUT PULONG CapturedLength, IN OUT PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor, IN POOL_TYPE PoolType, IN PGENERIC_MAPPING GenericMapping)
NTSTATUS	SeSetSecurityDescriptorInfo (IN PVOID Object OPTIONAL, IN PSECURITY_INFORMATION SecurityInformation, IN PSECURITY_DESCRIPTOR ModificationDescriptor, IN OUT PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor, IN POOL_TYPE PoolType, IN PGENERIC_MAPPING GenericMapping)
NTSTATUS	SeSetSecurityDescriptorInfoEx (IN PVOID Object OPTIONAL, IN PSECURITY_INFORMATION SecurityInformation, IN PSECURITY_DESCRIPTOR ModificationDescriptor, IN OUT PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor, IN ULONG AutoInheritFlags, IN POOL_TYPE PoolType, IN PGENERIC_MAPPING GenericMapping)
NTSTATUS	SeQuerySecurityDescriptorInfo (IN PSECURITY_INFORMATION SecurityInformation, OUT PSECURITY_DESCRIPTOR SecurityDescriptor, IN OUT PULONG Length, IN PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor)

---

Function Documentation

NTSTATUS SeDefaultObjectMethod (  IN PVOID  Object, IN SECURITY_OPERATION_CODE  OperationCode, IN PSECURITY_INFORMATION  SecurityInformation, IN OUT PSECURITY_DESCRIPTOR  SecurityDescriptor, IN OUT PULONG  CapturedLength, IN OUT PSECURITY_DESCRIPTOR *  ObjectsSecurityDescriptor, IN POOL_TYPE  PoolType, IN PGENERIC_MAPPING  GenericMapping )

Definition at line 195 of file semethod.c. References ASSERT, AssignSecurityDescriptor, DeleteSecurityDescriptor, KeBugCheck(), NonPagedPool, NULL, ObAssignObjectSecurityDescriptor(), ObQuerySecurityDescriptorInfo(), ObSetSecurityDescriptorInfo(), PAGED_CODE, PagedPool, QuerySecurityDescriptor, SepDefaultDeleteMethod(), and SetSecurityDescriptor. Referenced by NtDuplicateObject(), ObCreateObjectType(), and TestDefaultObjectMethod(). : This is the default security method for objects. It is responsible for either retrieving, setting, and deleting the security descriptor of an object. It is not used to assign the original security descriptor to an object (use SeAssignSecurity for that purpose). IT IS ASSUMED THAT THE OBJECT MANAGER HAS ALREADY DONE THE ACCESS VALIDATIONS NECESSARY TO ALLOW THE REQUESTED OPERATIONS TO BE PERFORMED. Arguments: Object - Supplies a pointer to the object being used. OperationCode - Indicates if the operation is for setting, querying, or deleting the object's security descriptor. SecurityInformation - Indicates which security information is being queried or set. This argument is ignored for the delete operation. SecurityDescriptor - The meaning of this parameter depends on the OperationCode: QuerySecurityDescriptor - For the query operation this supplies the buffer to copy the descriptor into. The security descriptor is assumed to have been probed up to the size passed in in Length. Since it still points into user space, it must always be accessed in a try clause in case it should suddenly disappear. SetSecurityDescriptor - For a set operation this supplies the security descriptor to copy into the object. The security descriptor must be captured before this routine is called. DeleteSecurityDescriptor - It is ignored when deleting a security descriptor. AssignSecurityDescriptor - For assign operations this is the security descriptor that will be assigned to the object. It is assumed to be in kernel space, and is therefore not probed or captured. CapturedLength - For the query operation this specifies the length, in bytes, of the security descriptor buffer, and upon return contains the number of bytes needed to store the descriptor. If the length needed is greater than the length supplied the operation will fail. It is ignored in the set and delete operation. This parameter is assumed to be captured and probed as appropriate. ObjectsSecurityDescriptor - For the Set operation this supplies the address of a pointer to the object's current security descriptor. This routine will either modify the security descriptor in place or allocate a new security descriptor and use this variable to indicate its new location. For the query operation it simply supplies the security descriptor being queried. The caller is responsible for freeing the old security descriptor. PoolType - For the set operation this specifies the pool type to use if a new security descriptor needs to be allocated. It is ignored in the query and delete operation. the mapping of generic to specific/standard access types for the object being accessed. This mapping structure is expected to be safe to access (i.e., captured if necessary) prior to be passed to this routine. Return Value: NTSTATUS - STATUS_SUCCESS if the operation is successful and an appropriate error status otherwise. --*/ { PAGED_CODE(); // // If the object's security descriptor is null, then object is not // one that has security information associated with it. Return // an error. // // // Make sure the common parts of our input are proper // ASSERT( (OperationCode == SetSecurityDescriptor) || (OperationCode == QuerySecurityDescriptor) || (OperationCode == AssignSecurityDescriptor) || (OperationCode == DeleteSecurityDescriptor) ); // // This routine simply cases off of the operation code to decide // which support routine to call // switch (OperationCode) { case SetSecurityDescriptor: ASSERT( (PoolType == PagedPool) || (PoolType == NonPagedPool) ); return ObSetSecurityDescriptorInfo( Object, SecurityInformation, SecurityDescriptor, ObjectsSecurityDescriptor, PoolType, GenericMapping ); case QuerySecurityDescriptor: // // check the rest of our input and call the default query security // method // ASSERT( CapturedLength != NULL ); return ObQuerySecurityDescriptorInfo( SecurityInformation, SecurityDescriptor, CapturedLength, ObjectsSecurityDescriptor ); case DeleteSecurityDescriptor: // // call the default delete security method // return SepDefaultDeleteMethod( ObjectsSecurityDescriptor ); case AssignSecurityDescriptor: ObAssignObjectSecurityDescriptor( Object, SecurityDescriptor, PoolType ); return( STATUS_SUCCESS ); default: // // Bugcheck on any other operation code, We won't get here if // the earlier asserts are still checked. // KeBugCheck( SECURITY_SYSTEM ); return( STATUS_INVALID_PARAMETER ); } }

NTSTATUS SepDefaultDeleteMethod (  IN OUT PSECURITY_DESCRIPTOR *  ObjectsSecurityDescriptor  )

Definition at line 920 of file semethod.c. References ObDeassignSecurity(), and PAGED_CODE. Referenced by SeDefaultObjectMethod(). 00926 : 00927 00928 This is a private procedure to delete the security descriptor for 00929 an object. It cleans up any pool allocations that have occured 00930 as part of the descriptor. 00931 00932 Arguments: 00933 00934 ObjectsSecurityDescriptor - Supplies the address of a pointer 00935 to the security descriptor being deleted. 00936 00937 Return Value: 00938 00939 NTSTATUS - STATUS_SUCCESS 00940 00941 --*/ 00942 00943 { 00944 PAGED_CODE(); 00945 00946 return (ObDeassignSecurity ( ObjectsSecurityDescriptor )); 00947 } }

VOID SeQuerySecurityAccessMask (  IN SECURITY_INFORMATION  SecurityInformation, OUT PACCESS_MASK  DesiredAccess )

Definition at line 138 of file semethod.c. References PAGED_CODE. Referenced by IoCheckFunctionAccess(), and NtQuerySecurityObject(). : This routine builds an access mask representing the accesses necessary to query the object security information specified in the SecurityInformation parameter. While it is not difficult to determine this information, the use of a single routine to generate it will ensure minimal impact when the security information associated with an object is extended in the future (to include mandatory access control information). Arguments: SecurityInformation - Identifies the object's security information to be queried. DesiredAccess - Points to an access mask to be set to represent the accesses necessary to query the information specified in the SecurityInformation parameter. Return Value: None. --*/ { PAGED_CODE(); // // Figure out accesses needed to perform the indicated operation(s). // (*DesiredAccess) = 0; if ((SecurityInformation & OWNER_SECURITY_INFORMATION) || (SecurityInformation & GROUP_SECURITY_INFORMATION) || (SecurityInformation & DACL_SECURITY_INFORMATION)) { (*DesiredAccess) |= READ_CONTROL; } if ((SecurityInformation & SACL_SECURITY_INFORMATION)) { (*DesiredAccess) |= ACCESS_SYSTEM_SECURITY; } return; }

NTSTATUS SeQuerySecurityDescriptorInfo (  IN PSECURITY_INFORMATION  SecurityInformation, OUT PSECURITY_DESCRIPTOR  SecurityDescriptor, IN OUT PULONG  Length, IN PSECURITY_DESCRIPTOR *  ObjectsSecurityDescriptor )

Definition at line 559 of file semethod.c. References EXCEPTION_EXECUTE_HANDLER, LongAlignPtr, NULL, PAGED_CODE, RtlCreateSecurityDescriptorRelative(), SeLengthSid, and Size. Referenced by CmpQuerySecurityDescriptorInfo(), IopGetSetSecurityObject(), and ObQuerySecurityDescriptorInfo(). : This routine will extract the desired information from the passed security descriptor and return the information in the passed buffer as a security descriptor in self-relative format. Arguments: SecurityInformation - Specifies what information is being queried. SecurityDescriptor - Supplies the buffer to output the requested information into. This buffer has been probed only to the size indicated by the Length parameter. Since it still points into user space, it must always be accessed in a try clause. Length - Supplies the address of a variable containing the length of the security descriptor buffer. Upon return this variable will contain the length needed to store the requested information. ObjectsSecurityDescriptor - Supplies the address of a pointer to the objects security descriptor. The passed security descriptor must be in self-relative format. Return Value: NTSTATUS - STATUS_SUCCESS if successful and an appropriate error value otherwise --*/ { ULONG BufferLength; ULONG Size; ULONG OwnerLength; ULONG GroupLength; ULONG DaclLength; ULONG SaclLength; PUCHAR NextFree; SECURITY_DESCRIPTOR IObjectSecurity; // // Note that IObjectSecurity is not a pointer to a pointer // like ObjectsSecurityDescriptor is. // SECURITY_DESCRIPTOR_RELATIVE *ISecurityDescriptor = SecurityDescriptor; PAGED_CODE(); // // We will be accessing user memory throughout this routine, // therefore do everything in a try-except clause. // try { BufferLength = *Length; // // Check if the object's descriptor is null, and if it is then // we only need to return a blank security descriptor record // if (*ObjectsSecurityDescriptor == NULL) { *Length = sizeof(SECURITY_DESCRIPTOR_RELATIVE); // // Now make sure it's large enough for the security descriptor // record // if (BufferLength < sizeof(SECURITY_DESCRIPTOR_RELATIVE)) { return STATUS_BUFFER_TOO_SMALL; } // // It's large enough to make a blank security descriptor record // // Note that this parameter has been probed for write by the // object manager, however, we still have to be careful when // writing to it. // // // We do not have to probe this here, because the object // manager has probed it for length=BufferLength, which we // know at this point is at least as large as a security // descriptor. // RtlCreateSecurityDescriptorRelative( SecurityDescriptor, SECURITY_DESCRIPTOR_REVISION ); // // Mark it as self-relative // RtlpSetControlBits( ISecurityDescriptor, SE_SELF_RELATIVE ); // // And return to our caller // return STATUS_SUCCESS; } // // Create an absolute format SD on the stack pointing into // user space to simplify the following code // RtlCopyMemory( (&IObjectSecurity), *ObjectsSecurityDescriptor, sizeof(SECURITY_DESCRIPTOR_RELATIVE) ); IObjectSecurity.Owner = RtlpOwnerAddrSecurityDescriptor( (SECURITY_DESCRIPTOR *) *ObjectsSecurityDescriptor ); IObjectSecurity.Group = RtlpGroupAddrSecurityDescriptor( (SECURITY_DESCRIPTOR *) *ObjectsSecurityDescriptor ); IObjectSecurity.Dacl = RtlpDaclAddrSecurityDescriptor( (SECURITY_DESCRIPTOR *) *ObjectsSecurityDescriptor ); IObjectSecurity.Sacl = RtlpSaclAddrSecurityDescriptor( (SECURITY_DESCRIPTOR *) *ObjectsSecurityDescriptor ); IObjectSecurity.Control &= ~SE_SELF_RELATIVE; // // This is not a blank descriptor so we need to determine the size // needed to store the requested information. It is the size of the // descriptor record plus the size of each requested component. // Size = sizeof(SECURITY_DESCRIPTOR_RELATIVE); if ( (((*SecurityInformation) & OWNER_SECURITY_INFORMATION)) && (IObjectSecurity.Owner != NULL) ) { OwnerLength = SeLengthSid( IObjectSecurity.Owner ); Size += (ULONG)LongAlignSize(OwnerLength); } if ( (((*SecurityInformation) & GROUP_SECURITY_INFORMATION)) && (IObjectSecurity.Group != NULL) ) { GroupLength = SeLengthSid( IObjectSecurity.Group ); Size += (ULONG)LongAlignSize(GroupLength); } if ( (((*SecurityInformation) & DACL_SECURITY_INFORMATION)) && (IObjectSecurity.Control & SE_DACL_PRESENT) && (IObjectSecurity.Dacl != NULL) ) { DaclLength = (ULONG)LongAlignSize((IObjectSecurity.Dacl)->AclSize); Size += DaclLength; } if ( (((*SecurityInformation) & SACL_SECURITY_INFORMATION)) && (IObjectSecurity.Control & SE_SACL_PRESENT) && (IObjectSecurity.Sacl != NULL) ) { SaclLength = (ULONG)LongAlignSize((IObjectSecurity.Sacl)->AclSize); Size += SaclLength; } // // Tell the caller how much space this will require // (whether we actually fit or not) // *Length = Size; // // Now make sure the size is less than or equal to the length // we were passed // if (Size > BufferLength) { return STATUS_BUFFER_TOO_SMALL; } // // The length is fine. // // Fill in the length and flags part of the security descriptor. // The real addresses of each acl will be filled in later when we // copy the ACLs over. // // Note that we only set a flag in the descriptor if the information // was requested, which is a simple copy of the requested information // input variable // // The output buffer has already been probed to the passed size, // so we can just write to it. // RtlCreateSecurityDescriptorRelative( SecurityDescriptor, SECURITY_DESCRIPTOR_REVISION ); // // Mark the returned Security Descriptor as being in // self-relative format // RtlpSetControlBits( ISecurityDescriptor, SE_SELF_RELATIVE ); // // NextFree is used to point to the next free spot in the // returned security descriptor. // NextFree = LongAlignPtr((PUCHAR)SecurityDescriptor + sizeof(SECURITY_DESCRIPTOR_RELATIVE)); // // Copy the Owner SID if necessary and update the NextFree pointer, // keeping it longword aligned. // if ( ((*SecurityInformation) & OWNER_SECURITY_INFORMATION) && ((IObjectSecurity.Owner) != NULL) ) { RtlMoveMemory( NextFree, IObjectSecurity.Owner, OwnerLength ); ISecurityDescriptor->Owner = (ULONG)((PUCHAR)NextFree - (PUCHAR)SecurityDescriptor); RtlpPropagateControlBits( ISecurityDescriptor, &IObjectSecurity, SE_OWNER_DEFAULTED ); NextFree += (ULONG)LongAlignSize(OwnerLength); } // // Copy the Group SID if necessary and update the NextFree pointer, // keeping it longword aligned. // if ( ((*SecurityInformation) & GROUP_SECURITY_INFORMATION) && (IObjectSecurity.Group != NULL) ) { RtlMoveMemory( NextFree, IObjectSecurity.Group, GroupLength ); ISecurityDescriptor->Group = (ULONG)((PUCHAR)NextFree - (PUCHAR)SecurityDescriptor); RtlpPropagateControlBits( ISecurityDescriptor, &IObjectSecurity, SE_GROUP_DEFAULTED ); NextFree += (ULONG)LongAlignSize(GroupLength); } // // Set discretionary acl information if requested. // If not set in object's security, // then everything is already set properly. // if ( (*SecurityInformation) & DACL_SECURITY_INFORMATION) { RtlpPropagateControlBits( ISecurityDescriptor, &IObjectSecurity, SE_DACL_PRESENT | SE_DACL_DEFAULTED | SE_DACL_PROTECTED | SE_DACL_AUTO_INHERITED ); // // Copy the acl if non-null and update the NextFree pointer, // keeping it longword aligned. // if ( (IObjectSecurity.Control & SE_DACL_PRESENT) != 0 && IObjectSecurity.Dacl != NULL) { RtlMoveMemory( NextFree, IObjectSecurity.Dacl, (IObjectSecurity.Dacl)->AclSize ); ISecurityDescriptor->Dacl = (ULONG)((PUCHAR)NextFree - (PUCHAR)SecurityDescriptor); NextFree += DaclLength; } } // // Set system acl information if requested. // If not set in object's security, // then everything is already set properly. // if ( (*SecurityInformation) & SACL_SECURITY_INFORMATION) { RtlpPropagateControlBits( ISecurityDescriptor, &IObjectSecurity, SE_SACL_PRESENT | SE_SACL_DEFAULTED | SE_SACL_PROTECTED | SE_SACL_AUTO_INHERITED ); // // Copy the acl if non-null and update the NextFree pointer, // keeping it longword aligned. // if ( (IObjectSecurity.Control & SE_SACL_PRESENT) != 0 && IObjectSecurity.Sacl != NULL) { RtlMoveMemory( NextFree, IObjectSecurity.Sacl, (IObjectSecurity.Sacl)->AclSize ); ISecurityDescriptor->Sacl = (ULONG)((PUCHAR)NextFree - (PUCHAR)SecurityDescriptor); } } } except(EXCEPTION_EXECUTE_HANDLER) { return(GetExceptionCode()); } return STATUS_SUCCESS; }

VOID SeSetSecurityAccessMask (  IN SECURITY_INFORMATION  SecurityInformation, OUT PACCESS_MASK  DesiredAccess )

Definition at line 78 of file semethod.c. References PAGED_CODE. Referenced by IoCheckFunctionAccess(), and NtSetSecurityObject(). : This routine builds an access mask representing the accesses necessary to set the object security information specified in the SecurityInformation parameter. While it is not difficult to determine this information, the use of a single routine to generate it will ensure minimal impact when the security information associated with an object is extended in the future (to include mandatory access control information). Arguments: SecurityInformation - Identifies the object's security information to be modified. DesiredAccess - Points to an access mask to be set to represent the accesses necessary to modify the information specified in the SecurityInformation parameter. Return Value: None. --*/ { PAGED_CODE(); // // Figure out accesses needed to perform the indicated operation(s). // (*DesiredAccess) = 0; if ((SecurityInformation & OWNER_SECURITY_INFORMATION) || (SecurityInformation & GROUP_SECURITY_INFORMATION) ) { (*DesiredAccess) |= WRITE_OWNER; } if (SecurityInformation & DACL_SECURITY_INFORMATION) { (*DesiredAccess) |= WRITE_DAC; } if (SecurityInformation & SACL_SECURITY_INFORMATION) { (*DesiredAccess) |= ACCESS_SYSTEM_SECURITY; } return; }

NTSTATUS SeSetSecurityDescriptorInfo (  IN PVOID Object  OPTIONAL, IN PSECURITY_INFORMATION  SecurityInformation, IN PSECURITY_DESCRIPTOR  ModificationDescriptor, IN OUT PSECURITY_DESCRIPTOR *  ObjectsSecurityDescriptor, IN POOL_TYPE  PoolType, IN PGENERIC_MAPPING  GenericMapping )

Definition at line 365 of file semethod.c. References NULL, and RtlpSetSecurityObject(). Referenced by CmpSetSecurityDescriptorInfo(), IopSetDeviceSecurityDescriptors(), and ObSetSecurityDescriptorInfo(). : This routine will set an object's security descriptor. The input security descriptor must be previously captured. Arguments: Object - Optionally supplies the object whose security is being adjusted. This is used to update security quota information. SecurityInformation - Indicates which security information is to be applied to the object. The value(s) to be assigned are passed in the SecurityDescriptor parameter. ModificationDescriptor - Supplies the input security descriptor to be applied to the object. The caller of this routine is expected to probe and capture the passed security descriptor before calling and release it after calling. ObjectsSecurityDescriptor - Supplies the address of a pointer to the objects security descriptor that is going to be altered by this procedure. This structure must be deallocated by the caller. PoolType - Specifies the type of pool to allocate for the objects security descriptor. GenericMapping - This argument provides the mapping of generic to specific/standard access types for the object being accessed. This mapping structure is expected to be safe to access (i.e., captured if necessary) prior to be passed to this routine. Return Value: NTSTATUS - STATUS_SUCCESS if successful and an appropriate error value otherwise. --*/ { // // Make sure the object already has a security descriptor. // Objects that 'may' have security descriptors 'must' have security // descriptors. If this one doesn't already have one, then we can't // assign one to it. // if ((*ObjectsSecurityDescriptor) == NULL) { return(STATUS_NO_SECURITY_ON_OBJECT); } // // Pass this call to the common Rtlp routine. // return RtlpSetSecurityObject ( Object, *SecurityInformation, ModificationDescriptor, ObjectsSecurityDescriptor, 0, // No Auto Inheritance PoolType, GenericMapping, NULL ); // No Token }

NTSTATUS SeSetSecurityDescriptorInfoEx (  IN PVOID Object  OPTIONAL, IN PSECURITY_INFORMATION  SecurityInformation, IN PSECURITY_DESCRIPTOR  ModificationDescriptor, IN OUT PSECURITY_DESCRIPTOR *  ObjectsSecurityDescriptor, IN ULONG  AutoInheritFlags, IN POOL_TYPE  PoolType, IN PGENERIC_MAPPING  GenericMapping )

Definition at line 452 of file semethod.c. References NULL, and RtlpSetSecurityObject(). : This routine will set an object's security descriptor. The input security descriptor must be previously captured. Arguments: Object - Optionally supplies the object whose security is being adjusted. This is used to update security quota information. SecurityInformation - Indicates which security information is to be applied to the object. The value(s) to be assigned are passed in the SecurityDescriptor parameter. ModificationDescriptor - Supplies the input security descriptor to be applied to the object. The caller of this routine is expected to probe and capture the passed security descriptor before calling and release it after calling. ObjectsSecurityDescriptor - Supplies the address of a pointer to the objects security descriptor that is going to be altered by this procedure. This structure must be deallocated by the caller. AutoInheritFlags - Controls automatic inheritance of ACES. Valid values are a bits mask of the logical OR of one or more of the following bits: SEF_DACL_AUTO_INHERIT - If set, inherited ACEs from the DACL in the ObjectsSecurityDescriptor are preserved and inherited ACEs from the ModificationDescriptor are ignored. Inherited ACEs are not supposed to be modified; so preserving them across this call is appropriate. If a protected server does not itself implement auto inheritance, it should not set this bit. The caller of the protected server may implement auto inheritance and my indeed be modifying inherited ACEs. SEF_SACL_AUTO_INHERIT - If set, inherited ACEs from the SACL in the ObjectsSecurityDescriptor are preserved and inherited ACEs from the ModificationDescriptor are ignored. Inherited ACEs are not supposed to be modified; so preserving them across this call is appropriate. If a protected server does not itself implement auto inheritance, it should not set this bit. The caller of the protected server may implement auto inheritance and my indeed be modifying inherited ACEs. PoolType - Specifies the type of pool to allocate for the objects security descriptor. GenericMapping - This argument provides the mapping of generic to specific/standard access types for the object being accessed. This mapping structure is expected to be safe to access (i.e., captured if necessary) prior to be passed to this routine. Return Value: NTSTATUS - STATUS_SUCCESS if successful and an appropriate error value otherwise. --*/ { // // Make sure the object already has a security descriptor. // Objects that 'may' have security descriptors 'must' have security // descriptors. If this one doesn't already have one, then we can't // assign one to it. // if ((*ObjectsSecurityDescriptor) == NULL) { return(STATUS_NO_SECURITY_ON_OBJECT); } // // Pass this call to the common Rtlp routine. // return RtlpSetSecurityObject ( Object, *SecurityInformation, ModificationDescriptor, ObjectsSecurityDescriptor, AutoInheritFlags, PoolType, GenericMapping, NULL ); // No Token }

---