I'm working on a program that needs to check the permissions given to a
specific user on a specific registry key. The file that I read looks like
RegistryKey:username:access
As an example
KHLM\SYSTEM\CurrentControlSet\Services\BITS:bubba: read
After I open my registry key with RegOpenKeyEx(HKEY_LOCAL_MACHINE,
TEXT("SYSTEM\\CurrentControlSet\\Services\\BITS"), 0, KEY_ALL_ACCESS,
&mykey)
And then obtain the security descriptor with RegGetKeySecurity(mykey,
(SECURITY_INFORMATION)(DACL_SECURITY_INFORMATION), keyacl, &aclSize)
How do I interpret the information contained in keyacl (type is
PSECURITY_DESCRIPTOR)?
Also I found another way to obtain the same information without having to
first open the registry key using
GetNamedSecurityInfo(TEXT("MACHINE\\SYSTEM\\Curren tControlSet\\Services\\BITS"),
SE_REGISTRY_KEY, DACL_SECURITY_INFORMATION, NULL, NULL, &myACL, NULL, &pSD)
Also, which of the 2 ways to access the DACL of the key is more appropriate?
Any advantages/disadvantages?
TIA for any pointers.