File Security


The SECFILE sample demonstrates the following security-related activities:

 - Constructing well-known security identifiers (SIDs)
 - Obtaining the current user's SID
 - Building a discretionary access control list (DACL)
 - Building a security descriptor (SD)

You should use this sample in conjunction with the Win32 Programmer's Reference.
Looking at the documentation and an example function call should make both 
the documentation and the sample clearer.

This sample only works on an NTFS partition. No other file system supports 
security. You can use File Manager or the Windows Explorer to check the 
security on the file after you run the sample. One thing you may notice is 
that the user "Everyone" has "Special" access instead of "Read" access. 
That's because the system considers "Read" access to include both read and 
execute rights. To modify the sample to give "Everyone" "Read" access, 
change the statement:

    #define WORLD_ACCESS  GENERIC_READ

to the following:

    #define WORLD_ACCESS  (GENERIC_READ | GENERIC_EXECUTE)