CBFS Connect 2020 .NET Edition

Questions / Feedback?

GetFileSecurity Event

Fires when the OS needs to read the Windows security attributes of a file or directory.

Syntax

public event OnGetFileSecurityHandler OnGetFileSecurity;

public delegate void OnGetFileSecurityHandler(object sender, CbfsGetFileSecurityEventArgs e);

public class CbfsGetFileSecurityEventArgs : EventArgs {
  public string FileName { get; }
  public int SecurityInformation { get; }
  public IntPtr SecurityDescriptor { get; }
  public int BufferLength { get; }
  public int DescriptorLength { get; set; }
  public long HandleInfo { get; }
  public IntPtr FileContext { get; set; }
  public IntPtr HandleContext { get; set; }
  public int ResultCode { get; set; }
}
Public Event OnGetFileSecurity As OnGetFileSecurityHandler

Public Delegate Sub OnGetFileSecurityHandler(sender As Object, e As CbfsGetFileSecurityEventArgs)

Public Class CbfsGetFileSecurityEventArgs Inherits EventArgs
  Public ReadOnly Property FileName As String
  Public ReadOnly Property SecurityInformation As Integer
  Public ReadOnly Property SecurityDescriptor As IntPtr
  Public ReadOnly Property BufferLength As Integer
  Public Property DescriptorLength As Integer
  Public ReadOnly Property HandleInfo As Long
  Public Property FileContext As IntPtr
  Public Property HandleContext As IntPtr
  Public Property ResultCode As Integer
End Class

Remarks

This event fires when the OS needs to read the Windows security attributes of the file or directory specified by FileName.

This event only needs to be handled if the UseWindowsSecurity property is enabled. To handle this event properly, applications must return the requested pieces of security information, specified by SecurityInformation, via the SecurityDescriptor buffer. Please refer to the parameter descriptions below, as well as the Security Checks topic, for more information.

The SecurityInformation parameter indicates which pieces of security information must be provided. This value is a bitfield; possible flags include (but are not limited to):

  • OWNER_SECURITY_INFORMATION
  • GROUP_SECURITY_INFORMATION
  • DACL_SECURITY_INFORMATION
  • SACL_SECURITY_INFORMATION
Please refer to Microsoft's SECURITY_INFORMATION data type documentation for more information about possible values.

The SecurityDescriptor parameter points to the memory buffer that receives the requested data. It is only available if BufferLength is greater than 0. The data must be formatted as a SECURITY_DESCRIPTOR structure in self-relative format. Please refer to those articles for more information about self-relative security descriptors.

Please refer to the Buffer Parameters topic for more information on how to work with memory buffer event parameters.

The BufferLength parameter specifies the capacity, in bytes, of the SecurityDescriptor buffer; while the DescriptorLength parameter specifies, in bytes, the length of the security descriptor.

If the SecurityDescriptor buffer has enough capacity to accommodate the entire security descriptor, DescriptorLength must be set to the length of the data copied to SecurityDescriptor. If the SecurityDescriptor buffer is too small (or, in cases where BufferLength is 0, unavailable), do not write any data to it; instead, set DescriptorLength to the number of bytes required to hold the requested data, and return the ERROR_INSUFFICIENT_BUFFER error code via ResultCode.

The HandleInfo parameter carries a handle to an object with information about the file handle. While within the event handler, it can be used to call any of the following methods: GetHandleCreatorProcessId, GetHandleCreatorProcessName, GetHandleCreatorThreadId, or GetHandleCreatorToken.

The FileContext and HandleContext parameters are placeholders for application-defined data associated with the file and specific handle, respectively. Please refer to the Contexts topic for more information.

The ResultCode parameter will always be 0 when the event is fired. If the event cannot be handled in a "successful" manner for some reason (e.g., a resource isn't available, security checks failed, etc.), set it to a non-zero value to report an appropriate error. Please refer to the Error Reporting and Handling topic for more information.

Copyright (c) 2022 Callback Technologies, Inc. - All rights reserved.
CBFS Connect 2020 .NET Edition - Version 20.0 [Build 8348]