As the title suggests, I'm seeking an answer to my question. I have attempted to write code that achieves what I'm asking in accordance with Microsoft's official documentation on this structure: https://learn.microsoft.com/en-us/windows/win32/api/winnt/ns-winnt-security_descriptor
I have a header file with a class, one private member (the SECURITY_DESCRIPTOR object), then two public methods: one to set the private member's structure members, and one to return a copy of the object.
Everything seems fine until I call GetLastError(), which returns an error code of 1337, indicating that the "security ID structure is invalid", which means I'm probably not using AllocateAndInitializeSid correctly.
I will attach the code below.
```cpp
#pragma once
class init {
private:
    SECURITY_DESCRIPTOR secObjInfo{}; // contains info such as, owner, group, Sacl, Dacl, control. (Important)
public:
    void setSecurityDescriptor() {
        // SID structure stuff
        SID_IDENTIFIER_AUTHORITY sia { SECURITY_NT_AUTHORITY };
        PSID si = nullptr; // this security identification object determines what level of authority we have.
        BOOL sid = AllocateAndInitializeSid( // function to initialize our
            &sia,
            1,
            SECURITY_WORLD_RID,
            0, 0, 0, 0, 0, 0, 0,
            &si
        );
        // end

        // set control for (SECURITY_DESCRIPTOR)
        DWORD setControl = SetSecurityDescriptorRMControl(
            &secObjInfo,
            NULL
        );
        // end

        // set revision level and give default initialization to mostly everything else in the struct (SECURITY_DESCRIPTOR).
        BOOL setRevision = InitializeSecurityDescriptor(
            &secObjInfo,
            SECURITY_DESCRIPTOR_REVISION
        );
        // end

        // set owner of SECURITY_DESCRIPTOR
        BOOL secDesOwner = SetSecurityDescriptorOwner(
            &secObjInfo,
            &si,
            1
        );
        // end

        // set group for SECURITY_DESCRIPTOR
        BOOL secDesGroup = SetSecurityDescriptorGroup(
            &secObjInfo,
            &si,
            1
        );
        // end
    }

    SECURITY_DESCRIPTOR getSecurityDescriptor() {
        return secObjInfo;
    }
};

/*
issues
~ security descriptor is being initialized incorrectly (error code 1338)
~ messy code.
*/
```
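An added example, not part of the original post: a portable, simplified model of the documented SID binary layout (all names here are hypothetical and it does not use the Win32 types). It renders the SID that the posted authority/RID pair describes (`SECURITY_NT_AUTHORITY` is authority 5, `SECURITY_WORLD_SID_AUTHORITY` is 1, `SECURITY_WORLD_RID` is 0) and runs a structural check over the bytes of a pointer variable, which is what an API reads as a SID when it is handed `&si` instead of `si`.

```cpp
#include <cstddef>
#include <cstdint>
#include <string>
#include <vector>

// Simplified model of the SID layout (assumption: illustration only):
// byte 0 Revision, byte 1 SubAuthorityCount, bytes 2-7 IdentifierAuthority
// (big-endian), then SubAuthorityCount little-endian 32-bit sub-authorities.
constexpr uint8_t kSidRevision = 1;         // SID_REVISION
constexpr uint8_t kMaxSubAuthorities = 15;  // SID_MAX_SUB_AUTHORITIES

std::vector<uint8_t> buildSid(uint64_t authority, const std::vector<uint32_t>& subs) {
    std::vector<uint8_t> out{kSidRevision, static_cast<uint8_t>(subs.size())};
    for (int shift = 40; shift >= 0; shift -= 8)
        out.push_back(static_cast<uint8_t>(authority >> shift));
    for (uint32_t s : subs)
        for (int shift = 0; shift < 32; shift += 8)
            out.push_back(static_cast<uint8_t>(s >> shift));
    return out;
}

// Structural check in the spirit of IsValidSid: revision, count, length.
bool looksLikeValidSid(const std::vector<uint8_t>& b) {
    if (b.size() < 8) return false;
    if (b[0] != kSidRevision || b[1] > kMaxSubAuthorities) return false;
    return b.size() >= 8 + 4 * static_cast<size_t>(b[1]);
}

// Render as S-R-A-S1-S2...; empty string when the bytes are not a SID.
std::string sidToString(const std::vector<uint8_t>& b) {
    if (!looksLikeValidSid(b)) return "";
    uint64_t authority = 0;
    for (int i = 2; i < 8; ++i) authority = (authority << 8) | b[i];
    std::string s = "S-" + std::to_string(b[0]) + "-" + std::to_string(authority);
    for (size_t i = 0; i < b[1]; ++i) {
        uint32_t sub = 0;
        for (int k = 3; k >= 0; --k) sub = (sub << 8) | b[8 + 4 * i + k];
        s += "-" + std::to_string(sub);
    }
    return s;
}

// Constructed sample: the 8 bytes of a made-up 64-bit pointer value
// 0x000001F4A2C3D5E0 as stored little-endian in memory.
const std::vector<uint8_t> kPointerBytes{0xE0, 0xD5, 0xC3, 0xA2, 0xF4, 0x01, 0x00, 0x00};
```

Authority 5 with sub-authority 0 renders as `S-1-5-0`, while the World (Everyone) SID is `S-1-1-0`; the constructed pointer bytes fail the check because their first byte is not a valid revision.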