FwpmSubLayerGetSecurityInfoByKey0 function (fwpmk.h)

The FwpmSubLayerGetSecurityInfoByKey0 function retrieves a copy of the security descriptor for a sublayer.

Syntax

NTSTATUS FwpmSubLayerGetSecurityInfoByKey0(
  [in]            HANDLE               engineHandle,
  [in, optional]  const GUID           *key,
  [in]            SECURITY_INFORMATION securityInfo,
  [out, optional] PSID                 *sidOwner,
  [out, optional] PSID                 *sidGroup,
  [out, optional] PACL                 *dacl,
  [out, optional] PACL                 *sacl,
  [out]           PSECURITY_DESCRIPTOR *securityDescriptor
);

Parameters

[in] engineHandle

Handle for an open session to the filter engine. Call FwpmEngineOpen0 to open a session to the filter engine.

[in, optional] key

Unique identifier of the sublayer. This must be the same GUID that was specified when the application called FwpmSubLayerAdd0.

[in] securityInfo

The type of security information to retrieve.

[out, optional] sidOwner

The owner security identifier (SID) in the returned security descriptor.

[out, optional] sidGroup

The primary group security identifier (SID) in the returned security descriptor.

[out, optional] dacl

The discretionary access control list (DACL) in the returned security descriptor.

[out, optional] sacl

The system access control list (SACL) in the returned security descriptor.

[out] securityDescriptor

The returned security descriptor.

Return value

Return code/value Description
ERROR_SUCCESS
0
The security descriptor was retrieved successfully.
FWP_E_* error code
0x80320001—0x80320039
A Windows Filtering Platform (WFP) specific error. See WFP Error Codes for details.
RPC_* error code
0x80010001—0x80010122
Failure to communicate with the remote or local firewall engine.
Other NTSTATUS codes An error occurred.

Remarks

If the key parameter is NULL or if it is a NULL GUID, this function manages the security information of the sublayers container.

The returned securityDescriptor parameter must be freed through a call to FwpmFreeMemory0. The other four (optional) returned parameters must not be freed, as they point to addresses within the securityDescriptor parameter.

This function behaves like the standard Win32 GetSecurityInfo function. The caller needs the same standard access rights as described in the GetSecurityInfo reference topic.

FwpmSubLayerGetSecurityInfoByKey0 is a specific implementation of FwpmSubLayerGetSecurityInfoByKey. See WFP Version-Independent Names and Targeting Specific Versions of Windows for more information.

Requirements

Requirement Value
Minimum supported client Available starting with Windows Vista.
Target Platform Universal
Header fwpmk.h
Library fwpkclnt.lib
IRQL <= PASSIVE_LEVEL

See also