Registrations are now open. Join us today!
There is still a lot of work to do on the wiki yet! More information about editing can be found here.
Already have an account?

Microsoft KB Archive/168574

From BetaArchive Wiki

BUG: SetEntriesInAcl() May Produce Undesired Results

Q168574



The information in this article applies to:


  • Microsoft Win32 Application Programming Interface (API), used with:
    • the operating system: Microsoft Windows NT, versions 3.51, 4.0





SYMPTOMS

As described in the Win32 Programmer's Reference, the SetEntriesInAcl() function creates a new access-control list (ACL) by merging new access- control or audit-control information into an existing ACL.

When you perform this merge operation on a container object ACL, SetEntriesInAcl() occasionally discards inheritance flags. You will notice this by closely examining the object ACL before and after calling SetEntriesInAcl().



CAUSE

When you merge like entries, SetEntriesInAcl() often ignores dissenting inherit flags.



RESOLUTION

If an application needs to modify ACL information and needs to produce reliable results on any version of Windows NT 4.0 prior to Service Pack 3, you should use the APIs documented in the Win32 Programmer's Reference under the section titled "Low-Level Access Control Functions".



STATUS

Microsoft has confirmed this to be a bug in the Microsoft products listed at the beginning of this article.

Additional query words: winnt

Keywords : kbAccCtrl kbAPI kbKernBase kbSecurity kbDSupport kbGrpDSKernBase
Issue type : kbbug
Technology : kbAudDeveloper kbWin32sSearch kbWin32API


Last Reviewed: October 23, 2000
© 2001 Microsoft Corporation. All rights reserved. Terms of Use.