SetFileSecurity Event

Fires when the OS wants to change the Windows security attributes of a file or directory.

Syntax

virtual int FireSetFileSecurity(CBFSSetFileSecurityEventParams *e);
typedef struct {
const char *FileName;
int SecurityInformation;
const void *SecurityDescriptor;
int Length;
int64 HandleInfo;
void *FileContext;
void *HandleContext;
int ResultCode; int reserved; } CBFSSetFileSecurityEventParams;
virtual INT FireSetFileSecurity(CBFSSetFileSecurityEventParams *e);
typedef struct {
LPCWSTR FileName;
INT SecurityInformation;
LPCVOID SecurityDescriptor;
INT Length;
LONG64 HandleInfo;
LPVOID FileContext;
LPVOID HandleContext;
INT ResultCode; INT reserved; } CBFSSetFileSecurityEventParams;

Remarks

This event fires when the OS wants to change the Windows security attributes of the file or directory specified by FileName.

This event only needs to be handled if the UseWindowsSecurity property is enabled. To handle this event properly, applications must update the pieces of security information, specified by SecurityInformation, on the specified file or directory in their backend storage. Please refer to the parameter descriptions below, as well as the Security Checks topic, for more information.

The SecurityInformation parameter indicates which pieces of security information must be set. This value is a bitfield; possible flags include (but are not limited to):

  • OWNER_SECURITY_INFORMATION
  • GROUP_SECURITY_INFORMATION
  • DACL_SECURITY_INFORMATION
  • SACL_SECURITY_INFORMATION
Please refer to Microsoft's SECURITY_INFORMATION data type documentation for more information about possible values.

The SecurityDescriptor parameter points to a memory buffer that contains data indicated by SecurityInformation. This data is formatted as a SECURITY_DESCRIPTOR structure in self-relative format. Please refer to those articles for more information about self-relative security descriptors.

The Length parameter specifies the length, in bytes, of SecurityDescriptor.

Please refer to the Buffer Parameters topic for more information on how to work with memory buffer event parameters.

The HandleInfo parameter carries a handle to an object with information about the file handle. While within the event handler, it can be used to call any of the following methods: GetHandleCreatorProcessId, GetHandleCreatorProcessName, GetHandleCreatorThreadId, or GetHandleCreatorToken.

The FileContext and HandleContext parameters are placeholders for application-defined data associated with the file and specific handle, respectively. Please refer to the Contexts topic for more information.

The ResultCode parameter will always be 0 when the event is fired. If the event cannot be handled in a "successful" manner for some reason (e.g., a resource isn't available, security checks failed, etc.), set it to a non-zero value to report an appropriate error. Please refer to the Error Reporting and Handling topic for more information.

 
 
Copyright (c) 2020 Callback Technologies, Inc. - All rights reserved.
CBFS Connect 2020 C++ Edition - Version 20.0 [Build 7545]