#include <Aclapi.h>
int main()
{
// Create file with multiple flags.
HANDLE file = CreateFile("d:\\",
STANDARD_RIGHTS_WRITE | WRITE_DAC,
FILE_SHARE_READ | FILE_SHARE_WRITE,
NULL,
OPEN_EXISTING,
FILE_FLAG_BACKUP_SEMANTICS, // This flag must be set.
NULL);
// Save old DACL.
PSECURITY_DESCRIPTOR pSd = NULL;
PACL pOldDacl = NULL, pNewDacl = NULL;
GetSecurityInfo(file, SE_FILE_OBJECT, DACL_SECURITY_INFORMATION, NULL, NULL, &pOldDacl, NULL, &pSd);
// Create new ACE.
EXPLICIT_ACCESS ea = {};
ea.grfAccessMode = SET_ACCESS; // Reset or grant or deny, etc.
ea.grfAccessPermissions = GENERIC_ALL; // GENERIC_READ | GENERIC_WRITE | GENERIC_EXECUTE.
ea.grfInheritance = SUB_CONTAINERS_AND_OBJECTS_INHERIT; // Whether take effect on sub containers.
ea.Trustee.TrusteeForm = TRUSTEE_IS_NAME; // 'ptstrName' is a name field.
ea.Trustee.TrusteeType = TRUSTEE_IS_USER; // 'ptstrName' is a user name field.
ea.Trustee.ptstrName = "EveryOne"; // User name.
SetEntriesInAcl(1, &ea, pOldDacl, &pNewDacl); // Combine old ACEs and new ACE.
// Set new DACL.(containing old ACEs)
SetSecurityInfo(file, SE_FILE_OBJECT, DACL_SECURITY_INFORMATION, NULL, NULL, pNewDacl, NULL);
// Release resource.
LocalFree(pNewDacl);
LocalFree(pSd);
CloseHandle(file);
return 0;
}