NotifySetFileSecurity Event

Fires when a file or directory's security attributes have been changed.

Syntax

ANSI (Cross Platform)
virtual int FireNotifySetFileSecurity(CBFilterNotifySetFileSecurityEventParams *e);
typedef struct {
const char *FileName;
int SecurityInformation;
const void *SecurityDescriptor;
int Length;
int Status;
int ResultCode; int reserved; } CBFilterNotifySetFileSecurityEventParams; Unicode (Windows) virtual INT FireNotifySetFileSecurity(CBFilterNotifySetFileSecurityEventParams *e);
typedef struct {
LPCWSTR FileName;
INT SecurityInformation;
LPCVOID SecurityDescriptor;
INT Length;
INT Status;
INT ResultCode; INT reserved; } CBFilterNotifySetFileSecurityEventParams;
#define EID_CBFILTER_NOTIFYSETFILESECURITY 79

virtual INT CBFSFILTER_CALL FireNotifySetFileSecurity(LPWSTR &lpszFileName, INT &iSecurityInformation, LPVOID &lpSecurityDescriptor, INT &iLength, INT &iStatus, INT &iResultCode);

Remarks

This event fires when security attributes have been changed for the file or directory specified by FileName.

Applications only need to handle this event if they've added a standard filter rule that includes the FS_NE_SET_SECURITY flag.

The SecurityInformation parameter reflects which pieces of security information, of those present in SecurityDescriptor, were to be set. Please refer to Microsoft's SECURITY_INFORMATION data type documentation for more information about possible values.

The SecurityDescriptor parameter points to a memory buffer that contains the new security information. The Length parameter reflects the length of this data, in bytes. Please refer to the Buffer Parameters topic for more information on how to work with memory buffer event parameters.

The data itself is formatted as a SECURITY_DESCRIPTOR structure in self-relative format; please refer to the Microsoft's documentation for more information.

The Status parameter contains an NT status code that indicates the outcome of the operation; 0 indicates success. To convert this value to a Win32 error code, call the NtStatusToWin32Error method. Please note that this event won't fire for failed requests unless the ProcessFailedRequests property is enabled.

The ResultCode parameter will always be 0 when the event is fired. If the event cannot be handled in a "successful" manner for some reason, set it to a non-zero value to report an appropriate error. Note, however, that this event fires after the operation has already completed, so reporting an error won't actually affect the operation itself. Please refer to the Error Reporting and Handling topic for more information.

This event is fired asynchronously; please refer to the Event Types topic for more information.

Copyright (c) 2022 Callback Technologies, Inc. - All rights reserved.
CBFS Filter 2020 C++ Edition - Version 20.0 [Build 8317]